Anup GhoshDennis Fisher talks with Anup Ghosh of Invincea about the recent wave of companies admitting to being hacked by APT groups, the difference between cyberespionage and cyberwar, what the government can do to encourage more intelligence sharing and whether compromised companies are spending enough time on attribution.

Download: digital_underground_112

*Podcast audio courtesy of sykboy65

Subscribe to the Digital Underground podcast on 

Categories: Critical Infrastructure, Featured Podcast, Government, Malware, Podcasts, Privacy, Vulnerabilities, Web Security

Comments (7)

  1. Anonymous

    Private companies will not work with each other because it can effectively affect the bottom line.  The feds do not care about the bottom line and the public companies do and if there is nothing in it for them then they will stay quiet.  Why damage a brand when there is no compensation for it.

    BTW – Anup Ghosh is pompous and not very well liked in the security community especially in the federal govermnment because of his my way high way attitude…and his Invincea product does not really work that well.


  2. Anonymous

    I found nothing inappropriate with the content of the interview.  I think Ghosh’s observations and comments were enlightening.  In fact, I believe the man is right on, particularly when it comes to long-term consequences of not taking cyber warfare and espionage seriously.  And I don’t view any of what he said as being exclusively self-serving for him or his company. 

    As to your comments on Ghosh’s alleged infamy within certain governmental circles, perhaps some of his clients are unwilling to ACT on his expert advice and don’t like the accountability associated with taking that action.  But, of course, we never see arrogance displayed in government, do we?  The fact is a brighter light is shining on the US government’s propensity to tell the rest of us to do as they say but not as they do.  This is a credibility issue to be certain.

  3. Jimmy

    Guys, good content, I really appreciate your podcast but you need to improve the sound quality, sometimes it’s really bad

  4. Anonymous

    Anon is correct– the product cannot prevent APTs. Sandboxing does not prevent zero days

  5. Timthetoolmn


    Why damage a brand when there is no compensation? The product has already bin damaged and working together on the problem stops the bleeding out of companies bottom line.

    You know what happened when Iran didn’t share info with other nations about the flame virus.

    The landscape has changed brother and the community need to work together. And if a company wants to do it alone…fine..But when they start losing there bottom line…dont come to me or my tax dollars to bail your dumb-ass out cuz you didn’t want to play ball………………………….period!

  6. Brian Donohue

    Sometimes it is hard to get good sound if they are recorded at a conference or over the phone, but thanks for the feedback. We’ll do our best to remove the static.

  7. Anonymous

    Anon is correct– the product cannot prevent APTs. Sandboxing cannot prevent zero-days.

Comments are closed.