In this episode, Tom and Scotti take listeners behind the curtain at Cordant, revealing how the team collaboratively approaches designing IT solutions—from infrastructure to cybersecurity. Framed around a hypothetical greenfield deployment, the discussion is a rapid-fire breakdown of their go-to tools, platforms, and philosophies—covering everything from hypervisors and SIEM solutions to code repositories and discovery tools.
Key Topics Covered:
- Discovery & Strategy Process:
The Cordant methodology: discovery, internal collaboration, and experience-based solution building. - VMware & Broadcom Fallout:
Tom discusses why VMware remains the on-prem hypervisor of choice, despite Broadcom's pricing and licensing challenges. Alternatives are weighed, including cloud-native VMs and infrastructure consolidation strategies. - SIEM & Logging Solutions:
Scotti explores cost-effective approaches to log management, weighing Splunk, Microsoft Sentinel, and CrowdStrike SIEM. He stresses the need to align tooling with organisational maturity and internal expertise, cautioning against over-investment in underutilised platforms. - Code Repositories:
The team debates GitHub, GitLab, Bitbucket, and cloud-native options. Security, ease-of-use, and deployment flexibility are discussed, especially in contexts requiring data sovereignty or air-gapped environments. - Discovery Tooling & Attack Surface Management:
With evolving threats shifting from network-focused to identity-centric attacks, Scotti outlines the importance of modern asset discovery tools like RunZero, AssetNote, and Wiz. He advocates for agentless, comprehensive visibility across hybrid environments.
Key Takeaways:
- Vendor selection should reflect organisational context—not just feature sets.
- Tooling must match internal capability; gold-plated tech without operational maturity offers little value.
- Identity, not infrastructure, is the modern threat frontier—external and internal visibility is critical.
- Cloud-native and hybrid strategies should be evaluated tactically and strategically, not reactively.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Crime Junkie
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by Audiochuck Media Company.
NFL Daily with Gregg Rosenthal
Gregg Rosenthal and a rotating crew of elite NFL Media co-hosts, including Patrick Claybon, Colleen Wolfe, Steve Wyche, Nick Shook and Jourdan Rodrigue of The Athletic get you caught up daily on all the NFL news and analysis you need to be smarter and funnier than your friends.