Sign up to save your podcasts
Or
Share A Conversation with Patrick Duffy from Material Security
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
A Conversation with Patrick Duffy from Material Security
➡ Secure what your business is made of with Martial Security:
https://material.security/
In this episode, I speak with Patrick Duffy from Material Security about modern approaches to email and cloud workspace security—especially how to prevent and contain attacks across platforms like Google Workspace and Microsoft 365.
We talk about:
• Proactive Security for Email and Cloud Platforms
How Material goes beyond traditional detection by locking down high-risk documents and inboxes preemptively—using signals like time, access patterns, content sensitivity, and anomalous user behavior.
• Real-World Threats and Lateral Movement
What the team is seeing in the wild—from phishing and brute-force attacks to internal data oversharing—and how attackers are increasingly moving laterally through cloud ecosystems using a single set of compromised credentials.
• Customizable, Context-Aware Response Workflows
How Material helps teams right-size their responses based on risk appetite, enabling fine-grained actions like MFA prompts, access revocation, or full session shutdowns—triggered by dynamic, multi-signal rule sets.
Subscribe to the newsletter at:
https://danielmiessler.com/subscribe
Join the UL community at:
https://danielmiessler.com/upgrade
Follow on X:
https://x.com/danielmiessler
Follow on LinkedIn:
https://www.linkedin.com/in/danielmiessler
Chapters:
00:00 - Welcome & High-Level Overview of Material Security
02:04 - Common Threats: Phishing and Lateral Movement in Cloud Office
05:30 - Access Control in Collaborative Workspaces (2FA, Just-in-Time, Aging Content)
08:43 - Connecting Signals: From Login to Exfiltration via Rule Automation
12:25 - Real-World Scenario: Suspicious Login and Automated Response
15:08 - Rules, Templates, and Customer Customization at Onboarding
18:46 - Accidental Risk: Sensitive Document Sharing and Exposure
21:04 - Security Misconfigurations and Internal Abuse Cases
23:43 - Full Control Points: IP, Behavior, Classification, Sharing Patterns
27:50 - Integrations, Notifications, and Real-Time Security Team Coordination
31:13 - Lateral Movement: How Attacks Spread Across the Workspace
34:25 - Use Cases Involving Google Gemini and AI Exposure Risks
36:36 - Upcoming Features: Deeper Remediation and Contextual Integration
39:30 - Closing Thoughts and Where to Learn More
Become a Member: https://danielmiessler.com/upgrade
See omnystudio.com/listener for privacy information.
View all episodes
By Daniel Miessler
4.6
134134 ratings
➡ Secure what your business is made of with Martial Security:
https://material.security/
In this episode, I speak with Patrick Duffy from Material Security about modern approaches to email and cloud workspace security—especially how to prevent and contain attacks across platforms like Google Workspace and Microsoft 365.
We talk about:
• Proactive Security for Email and Cloud Platforms
How Material goes beyond traditional detection by locking down high-risk documents and inboxes preemptively—using signals like time, access patterns, content sensitivity, and anomalous user behavior.
• Real-World Threats and Lateral Movement
What the team is seeing in the wild—from phishing and brute-force attacks to internal data oversharing—and how attackers are increasingly moving laterally through cloud ecosystems using a single set of compromised credentials.
• Customizable, Context-Aware Response Workflows
How Material helps teams right-size their responses based on risk appetite, enabling fine-grained actions like MFA prompts, access revocation, or full session shutdowns—triggered by dynamic, multi-signal rule sets.
Subscribe to the newsletter at:
https://danielmiessler.com/subscribe
Join the UL community at:
https://danielmiessler.com/upgrade
Follow on X:
https://x.com/danielmiessler
Follow on LinkedIn:
https://www.linkedin.com/in/danielmiessler
Chapters:
00:00 - Welcome & High-Level Overview of Material Security
02:04 - Common Threats: Phishing and Lateral Movement in Cloud Office
05:30 - Access Control in Collaborative Workspaces (2FA, Just-in-Time, Aging Content)
08:43 - Connecting Signals: From Login to Exfiltration via Rule Automation
12:25 - Real-World Scenario: Suspicious Login and Automated Response
15:08 - Rules, Templates, and Customer Customization at Onboarding
18:46 - Accidental Risk: Sensitive Document Sharing and Exposure
21:04 - Security Misconfigurations and Internal Abuse Cases
23:43 - Full Control Points: IP, Behavior, Classification, Sharing Patterns
27:50 - Integrations, Notifications, and Real-Time Security Team Coordination
31:13 - Lateral Movement: How Attacks Spread Across the Workspace
34:25 - Use Cases Involving Google Gemini and AI Exposure Risks
36:36 - Upcoming Features: Deeper Remediation and Contextual Integration
39:30 - Closing Thoughts and Where to Learn More
Become a Member: https://danielmiessler.com/upgrade
See omnystudio.com/listener for privacy information.
More shows like Unsupervised Learning
View all
Security Now (Audio)
1,961 Listeners
Risky Business
363 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
634 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
369 Listeners
CyberWire Daily
1,006 Listeners
Smashing Security
313 Listeners
Click Here
387 Listeners
Darknet Diaries
7,836 Listeners
Cybersecurity Today
142 Listeners
CISO Series Podcast
182 Listeners
Hacking Humans
310 Listeners
Defense in Depth
72 Listeners
Cyber Security Headlines
120 Listeners
Risky Bulletin
33 Listeners
Hacker And The Fed
159 Listeners