Sign up to save your podcasts
Or
Share A Conversation with Patrick Duffy from Material Security
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
A Conversation with Patrick Duffy from Material Security
➡ Secure what your business is made of with Martial Security:
https://material.security/
In this episode, I speak with Patrick Duffy from Material Security about modern approaches to email and cloud workspace security—especially how to prevent and contain attacks across platforms like Google Workspace and Microsoft 365.
We talk about:
• Proactive Security for Email and Cloud Platforms
How Material goes beyond traditional detection by locking down high-risk documents and inboxes preemptively—using signals like time, access patterns, content sensitivity, and anomalous user behavior.
• Real-World Threats and Lateral Movement
What the team is seeing in the wild—from phishing and brute-force attacks to internal data oversharing—and how attackers are increasingly moving laterally through cloud ecosystems using a single set of compromised credentials.
• Customizable, Context-Aware Response Workflows
How Material helps teams right-size their responses based on risk appetite, enabling fine-grained actions like MFA prompts, access revocation, or full session shutdowns—triggered by dynamic, multi-signal rule sets.
Subscribe to the newsletter at:
https://danielmiessler.com/subscribe
Join the UL community at:
https://danielmiessler.com/upgrade
Follow on X:
https://x.com/danielmiessler
Follow on LinkedIn:
https://www.linkedin.com/in/danielmiessler
Chapters:
00:00 - Welcome & High-Level Overview of Material Security
02:04 - Common Threats: Phishing and Lateral Movement in Cloud Office
05:30 - Access Control in Collaborative Workspaces (2FA, Just-in-Time, Aging Content)
08:43 - Connecting Signals: From Login to Exfiltration via Rule Automation
12:25 - Real-World Scenario: Suspicious Login and Automated Response
15:08 - Rules, Templates, and Customer Customization at Onboarding
18:46 - Accidental Risk: Sensitive Document Sharing and Exposure
21:04 - Security Misconfigurations and Internal Abuse Cases
23:43 - Full Control Points: IP, Behavior, Classification, Sharing Patterns
27:50 - Integrations, Notifications, and Real-Time Security Team Coordination
31:13 - Lateral Movement: How Attacks Spread Across the Workspace
34:25 - Use Cases Involving Google Gemini and AI Exposure Risks
36:36 - Upcoming Features: Deeper Remediation and Contextual Integration
39:30 - Closing Thoughts and Where to Learn More
Become a Member: https://danielmiessler.com/upgrade
See omnystudio.com/listener for privacy information.
View all episodes
By Daniel Miessler
4.6
135135 ratings
➡ Secure what your business is made of with Martial Security:
https://material.security/
In this episode, I speak with Patrick Duffy from Material Security about modern approaches to email and cloud workspace security—especially how to prevent and contain attacks across platforms like Google Workspace and Microsoft 365.
We talk about:
• Proactive Security for Email and Cloud Platforms
How Material goes beyond traditional detection by locking down high-risk documents and inboxes preemptively—using signals like time, access patterns, content sensitivity, and anomalous user behavior.
• Real-World Threats and Lateral Movement
What the team is seeing in the wild—from phishing and brute-force attacks to internal data oversharing—and how attackers are increasingly moving laterally through cloud ecosystems using a single set of compromised credentials.
• Customizable, Context-Aware Response Workflows
How Material helps teams right-size their responses based on risk appetite, enabling fine-grained actions like MFA prompts, access revocation, or full session shutdowns—triggered by dynamic, multi-signal rule sets.
Subscribe to the newsletter at:
https://danielmiessler.com/subscribe
Join the UL community at:
https://danielmiessler.com/upgrade
Follow on X:
https://x.com/danielmiessler
Follow on LinkedIn:
https://www.linkedin.com/in/danielmiessler
Chapters:
00:00 - Welcome & High-Level Overview of Material Security
02:04 - Common Threats: Phishing and Lateral Movement in Cloud Office
05:30 - Access Control in Collaborative Workspaces (2FA, Just-in-Time, Aging Content)
08:43 - Connecting Signals: From Login to Exfiltration via Rule Automation
12:25 - Real-World Scenario: Suspicious Login and Automated Response
15:08 - Rules, Templates, and Customer Customization at Onboarding
18:46 - Accidental Risk: Sensitive Document Sharing and Exposure
21:04 - Security Misconfigurations and Internal Abuse Cases
23:43 - Full Control Points: IP, Behavior, Classification, Sharing Patterns
27:50 - Integrations, Notifications, and Real-Time Security Team Coordination
31:13 - Lateral Movement: How Attacks Spread Across the Workspace
34:25 - Use Cases Involving Google Gemini and AI Exposure Risks
36:36 - Upcoming Features: Deeper Remediation and Contextual Integration
39:30 - Closing Thoughts and Where to Learn More
Become a Member: https://danielmiessler.com/upgrade
See omnystudio.com/listener for privacy information.
More shows like Unsupervised Learning
View all
Hacked
186 Listeners
Security Now (Audio)
2,004 Listeners
Risky Business
372 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
652 Listeners
CyberWire Daily
1,027 Listeners
Smashing Security
318 Listeners
Click Here
417 Listeners
Darknet Diaries
8,068 Listeners
Cybersecurity Today
177 Listeners
Hacking Humans
315 Listeners
Practical AI
203 Listeners
AWS Podcast
204 Listeners
Machine Learning Street Talk (MLST)
97 Listeners
Cybersecurity Headlines
140 Listeners
Moonshots with Peter Diamandis
566 Listeners