The Defender’s Log Podcast
The Defender’s Log Podcast: Stories from the Cybersecurity Frontlines
The Defender’s Log is your front-row seat to the real-world battles shaping today’s cybersecurity landscape. Hosted by seasoned professionals, each episode brings you face-to-face with the sharpest minds in digital defense, MSP/MSSP founders, CISOs, threat researchers, and architects, who are redefining what it means to secure our connected world.
From zero-trust frameworks to ransomware takedowns, from DNS hardening to incident response in regulated industries, this podcast pulls back the curtain on the strategies, frameworks, and mindsets powering modern cyber resilience. Whether you're a security leader, IT strategist, or tech-savvy executive, you’ll walk away with the tools and stories that move the needle.
🔐 Why Listen to The Defender’s Log?
Cyber threats are evolving and so must our defenses. This isn’t theory. These are the actual voices of those defending systems under pressure, making real-time decisions that pr...
Episodes

Friday May 29, 2026
What if the biggest threats on the internet are the ones nobody can fully measure?
In this special episode of The Defender’s Log, host David Redekop sits down with John Todd, Andreas Taudte, and Andrew Campling for a deep conversation about the hidden realities shaping cybersecurity today.
From Zero Trust DNS and encrypted traffic to malicious domain “dark matter” and the growing complexity of enterprise security, this discussion pulls back the curtain on what security leaders are actually seeing behind the scenes. The panel explores how attackers quietly evolve their tactics, why modern privacy technologies sometimes create entirely new security problems, and how organizations struggle to balance visibility, compliance, protection, and personal privacy in an increasingly connected world.
The conversation also dives into DNS as the internet’s control plane, the risks hiding inside IoT and OT environments, the challenge of securing legacy infrastructure, and why the future of cybersecurity may depend less on perimeter defense and more on understanding behavior patterns at scale.
This is the kind of conversation that changes how you look at the internet after the episode ends.
Key Discussion Points
02:58 — Why malicious domains keep growing instead of shrinking
04:35 — The case for Zero Trust DNS in enterprises and homes
05:30 — The scale of harmful content online and why it keeps increasing
07:40 — Why protective DNS should be the default
10:00 — Enterprise visibility, DNS logging, and encrypted DNS challenges
12:00 — Privacy vs security: where the debate gets messy
16:00 — How encryption can unintentionally protect bad actors
20:00 — Why modern privacy tools can force companies to inspect everything
23:30 — Moving security controls closer to the endpoint
25:00 — DNS challenges in schools, factories, OT, and IoT environments
29:15 — “We’re solving one problem by creating another”
31:00 — Why DNS is becoming the internet’s true control plane
33:00 — The reality of securing legacy infrastructure
35:00 — Making Zero Trust DNS practical for real-world users
36:00 — Extended DNS Errors (EDE) and making security visible
40:00 — How attackers hide malicious domains in plain sight
42:00 — The rise of “aged” domains and stealthy phishing operations
43:20 — Detecting attacks through DNS behavior patterns

Friday May 22, 2026
What happens when a childhood curiosity for computers turns into a mission to protect the next generation online?
Tom Newton shares the path from experimenting with modems and BBS systems in the early days of computing to defending schools and students against modern cyber threats. The discussion goes deep into digital safety, BYOD risks, VPN abuse, AI-generated evasion techniques, and why protecting young people online requires more than just technology.
The conversation also explores the human side of cybersecurity—curiosity, mentorship, freedom, responsibility, and the challenge of balancing privacy with protection in a permanently recorded world.
Whether you're in cybersecurity, education, parenting, or technology leadership, this discussion highlights why digital defense today is ultimately about people.
Key Discussion Points
02:06 – How Tom got into technology
04:26 – Early hacking culture, modems & BBS systems
06:40 – Switching from chemistry to computer science
10:45 – Discovering cybersecurity through a worm outbreak
13:26 – Finding Smoothwall & becoming a defender
16:41 – The importance of mentors and “Johnnys” in life
19:22 – Growing up before everything was permanently recorded
23:21 – The challenge of protecting kids online
24:45 – Peer-to-peer abuse inside productivity tools
26:00 – How students bypass filters and hide games
28:00 – Why content filtering matters more than URL filtering
29:27 – Why keeping kids safe takes a community
32:00 – Balancing exploration, freedom, and protection
33:24 – Privacy vs child safety online
37:33 – UNDERMINR and the discovery process
39:00 – Free VPNs, malware, and harmful advertising
42:00 – Sexualized ads and harmful online ecosystems
44:24 – Why UNDERMINR changes defensive assumptions
48:35 – How Smoothwall and Linewize defend against it
49:37 – The future of privacy, trust, and visibility online

Friday May 08, 2026
What started as the “phonebook of the internet” is now one of the most critical layers in cybersecurity.
In this episode of The Defender’s Log, David Redekop sits down with Cricket Liu—often called the godfather of DNS—to unpack how DNS evolved from a trusted utility into a frontline security control. From the early days of DNS and BIND to the rise of protective DNS, threat intelligence, and zero trust architectures, this conversation traces the real story behind modern network defense.
Key Discussion Points
00:00 From “phonebook” to frontline defense: why DNS became critical to security
02:20 The origins of protective DNS and response policy zones (RPZ)
05:00 Why many organizations still run DNS “wide open”
06:30 The evolution of threat intelligence: from feeds to analytics-driven detection
09:00 How passive DNS data powers modern security insights
12:30 AI’s impact on attackers: customized malware and evasion tactics
13:30 DNS encryption (DoT, DoH, DoQ): privacy vs. visibility tradeoffs
16:00 Where encryption matters most (and where it may not)
20:40 Why protective DNS is still the most overlooked security layer
23:30 The risks of “log-only” mode and missed prevention opportunities
25:20 Zero Trust DNS and controlling where devices can connect
29:50 DNSSEC adoption: why it’s uneven and what it really protects
34:00 What we’d change about DNS if we could redesign it today
37:00 Why DNS still works 40+ years later
40:10 Advice for the next generation: no gatekeepers, no excuses
42:20 AI vs. human curiosity: what actually creates breakthroughs
At its core, this episode is about one idea: there’s no secret sauce. The tools, the knowledge, and the mechanisms are already available. The difference comes down to how we use them.
If you work in security, networking, or IT leadership, this is a grounded, practical look at where DNS fits in the fight—and why it matters more than ever.

Friday Apr 24, 2026
Most security conversations focus on firewalls, endpoints, and threat detection.
Very few start where many attacks begin.
That’s why this conversation with Chris Buijs stood out.
We unpack why DNS remains one of the most underinvested—and misunderstood—layers in cybersecurity, how automation can strengthen defense (or quietly introduce risk), and why resilient architecture starts with treating foundational infrastructure as strategic.
Chris brings decades of perspective spanning networking, DNS, automation, observability, and cyber defense.
If you care about Zero Trust, resilience, architecture, or the future of defensive infrastructure, this one goes deep.
Key Talking Points
00:02:11 – Meaning of “20” & Amsterdam Identity
00:03:00 – Language & Tech Culture (English in Tech)
00:07:38 – Chris’s Origin Story (Early Tech Journey)
00:11:00 – Evolution of Networks (TCP/IP, DNS, DHCP)
00:14:00 – DNS Becomes a Core Focus
00:19:07 – Downtime & “It’s Always DNS” Insight
00:22:00 – Organizational Challenges Around DNS
00:25:00 – Underinvestment in DNS & Infrastructure
00:26:25 – Automation vs Security (DevSecOps Shift)
00:31:21 – Internet Scanning (Shodan, Censys, Exposure)
00:34:00 – DNS & NTP Attack Vectors
00:36:39 – Timeless Security Principle (Access Lists)
00:39:05 – Final Advice (DNS in Security Strategy)
00:40:14 – Conversation Wrap-Up

Friday Apr 10, 2026
Cybersecurity is technical. But the humans behind it? That's where it gets complicated.
Nim Nadarajah—CISO and managing partner from Critical Matrix, and one of the sharpest minds in the industry—sits down with host David Redekop for a conversation that goes far beyond firewalls and frameworks.
From the psychology of a breach victim who no longer knows who to trust, to cutting a client's SIEM costs by millions through process, not tools, this episode is a masterclass in what it actually takes to protect an organization in today's threat landscape.
Nim shares the story behind crowdsourcing the discovery of a gold mine (yes, really), why your crown jewels are probably already inside an AI you didn't approve, and what a five-year-old opening the kitchen sink cabinet taught him about zero trust security.
Whether you're a CISO, an MSP, a business owner, or someone who just wants to understand what's actually at stake with agentic AI—this one is for you.
Key Discussion Points
00:00 — Intro: Welcome to The Defender's Log
01:34 — Meet Nim Nadarajah: CISO & Managing Partner, Critical Matrix
02:00 — RSAC 2025 recap: 50,000 people, 30,000 steps, and emotional overload
03:18 — The stigma of being hacked: Is the "wall of shame" finally coming down?
05:00 — Competence, confidence, and capability: The 3 Cs of incident readiness
06:04 — Psychology of a breach: The human side of incident response
09:36 — "Who can I trust?" (What it really feels like to be a cyber victim)
12:10 — Nim's origin story: From high school library networks to corporate Canada
15:00 — The Goldcorp Challenge: Crowdsourcing a gold mine before crowdsourcing was a thing
20:31 — Process vs. tools: Why the blank page doesn't care what app you're using
23:00 — AI is everywhere and it's only as good as what you feed it
24:25 — Agentic AI, crown jewels & protecting your intellectual property
26:33 — Shadow AI, 800 firewall rules, and the free-for-all that already happened
29:09 — Zero trust explained through a kitchen sink (and a curious five-year-old)
33:22 — The SIEM transformation that saved millions and paid for itself in a month
37:36 — Dashboard fatigue: Why leaders need signal, not more screens
39:00 — Agentic SOC: Fearfully excited
41:02 — 29 employees, one human: The pure agentic company Nim met at RSAC
43:26 — Vibe coding is real: A salesperson built a privacy app with zero coding experience
46:00 — Ideas are approaching zero value—execution is everything now
46:57 — One sentence for the next generation: "The power of your ideas haven't been created yet."

Friday Mar 20, 2026
The future of cybersecurity isn’t just about tools—it’s about how we think.
In this conversation, David Redekop sits down with Mitch Prior to unpack what really matters in modern security: from default-deny strategies and local data control to the growing role of AI in filtering signal from noise. What emerges isn’t just a technical discussion—it’s a philosophy.
They explore why certifications don’t always equal capability, how curiosity beats credentials, and why the next generation must learn how to think, not just what to think. As AI accelerates everything around us, the real edge belongs to those who can stay grounded, think critically, and build with intention.
This is a conversation about discipline, trade-offs, and staying ahead without losing control.
Key Discussion Points
01:37 – Meeting Mitch & early Zero Trust conversations
03:00 – How we judge people: heuristics vs real understanding
05:00 – Certifications vs real-world thinking
07:00 – Why learning how to think matters more than ever
08:50 – The risk of outsourcing thinking to AI
11:56 – Mitch’s origin story in tech
14:30 – Privacy, surveillance, and personal responsibility
16:00 – The trade-off of having a public voice
17:00 – The rise of “AI wranglers”
18:50 – Cloud vs local: control vs convenience
22:00 – Why default-deny changes everything
24:50 – The evolution (and fragility) of the internet
31:30 – AI accelerating vulnerabilities
33:30 – Real-world AI use case: smarter security cameras
38:00 – Extracting signal from noise
40:50 – The human edge in an AI-driven world
41:30 – Raising the next generation in a tech-first world
45:00 – Final thoughts: staying adaptable

Friday Mar 06, 2026
Cybersecurity and military defense share the same fundamental principle: you can’t go on offense if you don’t have a secure perimeter.
Steven Elliott’s journey—from a farming community in Kansas to the U.S. Army’s 75th Ranger Regiment, and later into finance and cybersecurity leadership—reveals how disciplined thinking, clear communication, and preparation for uncertainty shape strong decision-makers.
Markets are unpredictable. Technology is complex. Threats—both financial and digital—evolve constantly.
The real advantage comes from understanding risk, simplifying complexity, and building systems that help people make better decisions.
This conversation explores the lessons learned from military operations, financial advisory work, and cybersecurity leadership—and why defense, preparation, and clarity matter more than ever in today’s digital world.
Key Discussion Points
00:00 – Why no one can predict financial markets
01:00 – Welcome to The Defender’s Log
01:28 – Introducing Steven Elliott
03:10 – Growing up in Kansas and studying business
05:13 – How 9/11 changed Steven’s life path
05:36 – Entering finance before the 2008 financial crisis
07:17 – An unexpected entry into cybersecurity
09:00 – Why simplifying complex ideas matters
11:40 – Learning to communicate through storytelling
13:10 – Helping clients understand risk and decisions
16:20 – The connection between military defense and cybersecurity
19:50 – Joining the Army Rangers
22:20 – Defense before offense: military priorities of work
24:10 – Why planning matters when things go wrong
27:30 – A mission that changed everything
31:00 – Leadership lessons from crisis and failure
35:30 – Forgiveness, responsibility, and resilience
41:00 – Leadership, truth, and transparency under pressure
46:30 – The consequences of narrative and public attention
50:00 – Lessons for leadership and organizations
53:00 – AI, technology, and leadership in uncertain times
55:30 – Final thoughts: curiosity over fear

Friday Feb 20, 2026
Cybersecurity used to be about perimeter defenses and patch cycles.
Now it’s about decision speed, trust, and restraint—especially when AI is involved.
This conversation with Rafael Ramírez moves through decades of engineering experience, real-world incident response, and the uncomfortable reality that AI is scaling faster than governance, policy, and human intuition.
What stands out isn’t hype—it’s discipline. How leaders think about risk, how zero trust becomes a mindset (not a framework), and why AI security fails most often when it’s rushed instead of designed.
Key Discussion Points
00:00 – Cybersecurity, curiosity, and being “born an engineer”
04:30 – Early systems, reverse engineering, and learning by breaking things
10:45 – The moment cybersecurity became real: incident response under pressure
17:10 – AI security for small and mid-sized organizations (what actually matters)
18:40 – Governance, data, hygiene, and why fundamentals still win
22:15 – Why AI is moving faster than strategy can keep up
25:00 – The danger of shipping AI before it’s ready
29:00 – Deterministic vs. non-deterministic systems (and why it matters)
33:20 – Zero Trust as a mindset, not a checkbox
37:00 – Guardrails, outbound control, and constraining AI behavior
41:30 – AI as a double-edged sword
47:10 – Local models, cloud swings, and the return of the edge
52:00 – Trust is built over time—just like early firewalls
54:40 – Technology, trust, and talent: keeping people at the center
If you’re building, defending, or deploying AI inside real organizations, this one will challenge how you think about control, trust, and responsibility.

Friday Feb 06, 2026
Attackers are getting smarter—and the protocol they rely on most isn’t what you think.
In this powerful conversation, David Redekop and Johannes Weber break down how modern malware abuses DNS, why attackers prefer DNS tunneling and exfiltration, and the defensive strategies every organization needs in 2026.
Johannes brings decades of hands‑on experience as a network security specialist, consultant, packet analyst, and educator. Together, they trace the full threat landscape around DNS and explore the evolving tools, behaviors, and techniques shaping the defender’s playbook.
⏱️ Chapters & Key Moments
00:00 – Why 90% of malware still depends on DNS
01:00 – A fun start: German names, dual identities & cultural overlaps
03:00 – Johannes’ origin story: LAN parties → network engineer → security consultant
06:00 – You don’t need to code to thrive in network security
07:00 – DNS basics: recursive resolvers vs. authoritative servers
08:00 – How attackers abuse DNS “as designed”
10:30 – Lookalike domains & deceptive URL patterns
11:00 – DGAs (Domain Generation Algorithms) explained
12:00 – Newly registered vs. newly observed domains
14:00 – Aging domains & reputation‑based defense
15:00 – DNS exfiltration: how attackers sneak data out
16:00 – Step‑by‑step breakdown of DNS exfiltration
18:00 – DNS tunneling: when attackers turn DNS into a VPN
19:00 – Why signature‑based defenses fail
21:00 – Deep Query Inspection & entropy analysis
22:00 – Where DNS security belongs in your architecture
24:00 – TXT, NULL, A/AAAA abuse & blocking strategies
27:00 – DNS spoofing & cache poisoning
30:00 – DNSSEC: authentication vs. confidentiality
33:00 – DoH/DoT: privacy vs. visibility
36:00 – TLS interception & enterprise tradeoffs
39:00 – Securing roaming users in a VPN‑less world
41:00 – What Pi‑hole solves at home (and what it won’t)
43:00 – Johannes’ favorite tools: DNSViz, DNSDiag, DNSPing
44:30 – The Ultimate PCAP collection (15 years, 90+ protocols)
46:00 – Why Johannes teaches — and the next generation of defenders
48:00 – Closing thoughts & community resources
🛠️ Mentioned Tools & Resources
DNSViz – DNS trust visualization
DNSDiag / DNSPing – Resolver latency + diagnostic toolkit
Iodine / DNScat2 / DNS‑tunnel tools – Examples of DNS tunneling tech
Ultimate PCAP Collection (Johannes’ blog) – 15 years of protocols for Wireshark training
Together, we make the internet harder to attack — and easier to defend.

Friday Jan 23, 2026
The odds remain badly stacked against the defender. As we hurtle toward a digital ecosystem populated by a trillion AI agents, the Universal Threat Ecosystem (UTE) is expanding at an asymmetric rate. The traditional security stack—obsessed with detection and response—is fundamentally broken because it requires a "Patient Zero." It waits for the compromise to occur before it rings the alarm.
In this episode of The Defender’s Log, David Redekop sits down with Francois, CISO and partner at ADAMnetworks, to dismantle the "Whack-a-mole" approach to cybersecurity. From the high-stakes world of film production and technical diving to the front lines of cyber warfare, Francois shares how a life spent mitigating physical risk informed a "Default Deny-all" posture.
The Asymmetric Challenge
We are currently witnessing the rise of Generative Adversarial Networks (GANs) in the hands of the adversary. Initial Access Brokers (IAB) and Ransomware-as-a-Service (RaaS) operators are using the defender’s own AI tools to train malware to be invisible. If your strategy relies on identifying "known bad," you have already lost.
Why "True Proactive" Defense is Mandatory:
Neutralize Egress: If the malware cannot "call home" to its Command & Control (C2), the ATTACK IS DISRUPTED.
Eliminate the Patient Zero Requirement: By moving the security boundary to the DNS layer with a Zero Trust Resolver, we stop connections to unknown and unverified entities.
Sovereign Capability: Reclaim control over your network’s connectivity. Stop letting the internet happen to you and start shaping it.
Detection is a post-mortem. Prevention is sovereignty.
Francois and David explore the human element of the "Sheepdog mentality" and why the next generation of Blue Teamers must move beyond the application layer (Layer 7) and harden the foundation of connectivity itself.
Key Technical Concepts Discussed:
Zero Trust Connectivity (ZTC): Moving beyond identity to strict connection control.
OT & IoT Vulnerabilities: Why agentless protection is the only path forward for critical infrastructure.
Preemptive Defense: Cutting off the attacker's resources before the infrastructure is even fully deployed.
In a world of a trillion AI agents, where the adversary uses your own defenses to train their attacks, can you afford to maintain a "Detect and Respond" posture? At what point does the convenience of an "open" network become an existential liability for your organization?








