Episode 13 - Battle-Hardened Research: Navigating the Intersection of AI and Open Source

About the episode

Richard Bejtlich sits down with Ali Islam to pull back the curtain on how a security research lab functions within a modern security company. Moving beyond the "ivory tower" of academia, Ali explains why researchers must be battle-hardened by real-world threat actor techniques to remain effective in the field. The conversation dives into Corelight’s unique commitment to the open source community through the direct funding of Zeek and Suricata developers, ensuring that community-driven tools can scale to meet massive enterprise traffic demands. Finally, they explore the accelerating role of artificial intelligence in cybersecurity, weighing its ability to reduce analyst fatigue against the growing sophistication of AI-powered phishing and malware development.

Episode transcript

Transcript coming soon...

Richard Bejtlich

Strategist & Author in Residence

Richard is strategist and author in residence at Corelight. He was previously chief security strategist at FireEye, and Mandiant's CSO when FireEye acquired Mandiant in 2013. At General Electric, as director of incident response, he built and led the 40-member GE Computer Incident Response Team (GE-CIRT). Richard began his digital security career as a military intelligence officer in 1997 at the Air Force Computer Emergency Response Team (AFCERT), Air Force Information Warfare Center (AFIWC), and Air Intelligence Agency (AIA). Richard is a graduate of Harvard University and the United States Air Force Academy. His fourth book is 'The Practice of Network Security Monitoring'. He also writes for his blog and Mastodon.