Episode 9 - Rapid Fire Judgement

In this episode, Tom and Scotti take listeners behind the curtain at Cordant, revealing how the team collaboratively approaches designing IT solutions—from infrastructure to cybersecurity. Framed around a hypothetical greenfield deployment, the discussion is a rapid-fire breakdown of their go-to tools, platforms, and philosophies—covering everything from hypervisors and SIEM solutions to code repositories and discovery tools. Key Topics Covered: Discovery & Strategy Process: The Cordant methodology: discovery, internal collaboration, and experience-based solution building. VMware & Broadcom Fallout: Tom discusses why VMware remains the on-prem hypervisor of choice, despite Broadcom's pricing and licensing challenges. Alternatives are weighed, including cloud-native VMs and infrastructure consolidation strategies. SIEM & Logging Solutions: Scotti explores cost-effective approaches to log management, weighing Splunk, Microsoft Sentinel, and CrowdStrike SIEM. He stresses the need to align tooling with organisational maturity and internal expertise, cautioning against over-investment in underutilised platforms. Code Repositories: The team debates GitHub, GitLab, Bitbucket, and cloud-native options. Security, ease-of-use, and deployment flexibility are discussed, especially in contexts requiring data sovereignty or air-gapped environments. Discovery Tooling & Attack Surface Management: With evolving threats shifting from network-focused to identity-centric attacks, Scotti outlines the importance of modern asset discovery tools like RunZero, AssetNote, and Wiz. He advocates for agentless, comprehensive visibility across hybrid environments. Key Takeaways: Vendor selection should reflect organisational context—not just feature sets. Tooling must match internal capability; gold-plated tech without operational maturity offers little value. Identity, not infrastructure, is the modern threat frontier—external and internal visibility is critical. Cloud-native and hybrid strategies should be evaluated tactically and strategically, not reactively.

There are no comments yet.

Please log in to write the first comment.