Control D

Control D Security teams waste entire days debugging systems instead of using the full capabilities of DNS — the first mile of security. Most security stacks are bloated.

Trusted by companies like Pinnacle ICT, Data Net Solutions, and public venues such as Massey Hall and Roy Thomson Hall. Control D is DNS Security Orchestration. We help IT leaders, CISOs, and MSPs:

- Stop phishing, ransomware, and malware at the DNS layer (99.97% verified block rate).
- Cut false positives and reduce alert fatigue.
- Simplify bloated stacks with 1,000+ service-level controls.
- D

eploy in minutes — no hardware, no agents, no upsells. Trusted by companies like Pinnacle ICT, Data Net Solutions, and public venues such as Massey Hall and Roy Thomson Hall, Control D turns DNS from your weakest link into your moat.

👉 Start your 30-day risk-free trial at [https://controld.com](https://controld.com/)

06/01/2026

Getting SOC2 certified doesn't mean your company is secure, it means you're good at compliance theater.

John Verry, Managing Director at CBIZ Cybersecurity and ISO 27001 certified lead auditor since 2006, joins the Full Metal Packet podcast to give CISOs a reality check on what compliance actually means in the age of AI.

He explains:

◼ Why even the best-intentioned compliance programs slip into theater, and the one mindset shift that fixes it

◼ How to operationalize security controls inside tools your team already lives in (JIRA, ServiceNow, SharePoint) so nothing falls through the cracks

◼ What shadow AI actually looks like on the ground, and the single control you can implement tomorrow to contain it

◼ Why the EU AI Act (Aug 2026) and ISO 42001 are no longer theoretical, and what a provable AI compliance program looks like right now

◼ Why agentic AI is the risk that should be keeping every CISO up at night: autonomous decisions, no human in the loop, business impact at scale

05/31/2026

You will get breached.

Every security expert already knows this.

The real question is how much damage happens before you contain it.

Devon Ackerman, former FBI agent and head of DFIR at LevelBlue, explains why the shift from breach prevention to blast radius control is the most important conversation in security right now.

Full episode, link in bio.

05/27/2026

Most of the conversation around MFA is about convenience.

Easiest to deploy. Least friction. Highest adoption rate.

Almost nobody asks the more useful question: where does the kill chain actually stop?

Devon Ackerman has worked over a thousand breach investigations. He's seen phishing kits defeat SMS codes without breaking a sweat. Authenticator apps too, if the kit is good enough. The entire software authentication handshake was designed without assuming someone is sitting in the middle, watching in real time.

Hardware keys change that.

When the device has to be physically present to authenticate, there is nothing to intercept. No token crossing the wire. That is typically where the kill chain ends.

One exception: if the certificate is a software file sitting on the machine, it can be stripped and replayed from another device. Rare. Technically demanding. But Devon has seen it.

The practical takeaway has not changed in years:

Hardware key on anything that matters. Not because it is perfect. Because it makes you a harder target than whoever is next on the list.

That is usually enough.

05/26/2026

Most of the conversation around MFA is about convenience.

Easiest to deploy. Least friction. Highest adoption rate.

Almost nobody asks the more useful question: where does the kill chain actually stop?

Devon Ackerman has worked over a thousand breach investigations. He's seen phishing kits defeat SMS codes without breaking a sweat. Authenticator apps too, if the kit is good enough. The entire software authentication handshake was designed without assuming someone is sitting in the middle, watching in real time.

Hardware keys change that.

When the device has to be physically present to authenticate, there is nothing to intercept. No token crossing the wire. That is typically where the kill chain ends.

One exception: if the certificate is a software file sitting on the machine, it can be stripped and replayed from another device. Rare. Technically demanding. But Devon has seen it.

The practical takeaway has not changed in years:

Hardware key on anything that matters. Not because it is perfect. Because it makes you a harder target than whoever is next on the list.

That is usually enough.

05/22/2026

They didn't hack the system.

They called the help desk.

One phone call. A fake IT employee. Some leaked personal info.

The attacker deliberately triggered failed login attempts — so the call center could "confirm" them.

Then asked for a password reset. Then asked to disable MFA temporarily.

"Of course. That's completely normal."

They were in. No malware. No alerts. No anomaly flagged. Just a help desk agent trying to do their job.

Devon Ackerman has investigated over 1,000 breaches. This is what he says the most dangerous ones look like.

Not zero-days. A phone call.

🎧 Full breakdown…link in bio.

05/20/2026

They didn't hack the system.

They called the help desk.

One phone call. A fake IT employee. Some leaked personal info.

The attacker deliberately triggered failed login attempts — so the call center could "confirm" them.

Then asked for a password reset. Then asked to disable MFA temporarily.

"Of course. That's completely normal."

They were in. No malware. No alerts. No anomaly flagged. Just a help desk agent trying to do their job.

Devon Ackerman has investigated over 1,000 breaches. This is what he says the most dangerous ones look like.

Not zero-days. A phone call.

🎧 Full breakdown…link in bio.

05/19/2026

Everyone's racing to automate their defenses.

Nobody's asking what happens when the automation itself becomes the attack surface.

Here's where this is going.

Devon Ackerman just described a case where a client patched within 24 hours of a CVE dropping. The attacker had already been inside for 12. That was considered fast on both sides.

A CVE drops. An AI agent on someone's GPU reads the feed, writes exploit code, finds targets on Shodan, and starts hitting them. Not in a week. Not overnight. In single digit minutes. That's not a prediction. That's feasible right now.

So defenders do the logical thing. They automate their side too. Bots monitoring the same feeds, patching in real time, trying to close holes before attackers walk through them.

Good instinct. Terrible assumption.

Because those bots read. And anything that reads can be fed something malicious.

Imagine a fake CVE where the "attack code" is just a prompt injection designed to execute on your own infrastructure. Your defender bot sees it, flags it as critical, and runs it. You just got owned by your own security tooling.

We're not building an arms race. We're building a trust problem at machine speed.

The question isn't whether you automate. You have to.

It's whether you're thinking about what your automation trusts.

05/09/2026

Most people picture cyberwarfare as highly sophisticated. Targeted. Precise.

That's not what Matan is seeing on the ground.

Iranian hacking groups aren't going for quality targets. They're going for quantity.

Find a company with a visible weakness. Breach it. Grab whatever causes damage fast. Get out. Move to the next one.

No need to dig deeper. No need to stay inside longer than necessary. When your goal is to hit 100 companies in a specific timeframe, efficiency beats sophistication every time.

Matan Eli Matalon has led incident response efforts against these groups firsthand during the recent Israel–Iran war. His take:

→ It's not that they aren't capable. It's that going deeper isn't worth their time.

→ They get to the file server. They find something damaging. They take it and move on.

→ The weapon isn't the breach. It's the propaganda and pressure that comes after.

This changes how defenders need to think.

You're not just competing with a sophisticated actor who picked you specifically. You're competing with a group running attacks at industrial scale with a very short clock.

The ones who get hit hardest aren't always the most valuable targets. They're the easiest ones on the list.

Easy is the problem.

05/09/2026

Most people picture cyberwarfare as highly sophisticated. Targeted. Precise.

That's not what Matan is seeing on the ground.

Iranian hacking groups aren't going for quality targets. They're going for quantity.

Find a company with a visible weakness. Breach it. Grab whatever causes damage fast. Get out. Move to the next one.

No need to dig deeper. No need to stay inside longer than necessary. When your goal is to hit 100 companies in a specific timeframe, efficiency beats sophistication every time.

Matan Eli Matalon has led incident response efforts against these groups firsthand during the recent Israel–Iran war. His take:

→ It's not that they aren't capable. It's that going deeper isn't worth their time.

→ They get to the file server. They find something damaging. They take it and move on.

→ The weapon isn't the breach. It's the propaganda and pressure that comes after.

This changes how defenders need to think.

You're not just competing with a sophisticated actor who picked you specifically. You're competing with a group running attacks at industrial scale with a very short clock.

The ones who get hit hardest aren't always the most valuable targets. They're the easiest ones on the list.

Easy is the problem.

05/08/2026

Your perimeter now spans every continent.

Thousands of edges. Any single one can be the entry point.

And AI is about to make that problem significantly worse. Not just because attackers are getting better tools. But because of what AI is doing to your organization from the inside.

Think about what's already happening.

Specialized roles are blurring. One engineer today does what three people did two years ago.

More responsibilities. More access to internal tooling. More visibility into systems they never touched before.

Fewer humans. More access. More reach into the crown jewels.

That person just became a much larger attack surface.

So while you're trying to figure out how to lock down the perimeter that's already too big to fully cover, AI is quietly removing the internal compartments that were doing some of that work for you.

The locked doors between departments. The separation of concerns baked into your org structure. The layers that slowed an attacker down even after they got in.

AI is opening those up at the same time attackers are getting faster.

Here's what Matan said that stuck with me:

You don't beat this by protecting everything. You beat it by making it not worth their while.

Get to somewhere. Hit a wall. Can't go further. Too hard. Not worth the time.

That's the outcome you're building toward. Not a perfect perimeter. A dead end for anyone who gets through.

The attack surface will keep growing. The crown jewels won't move.

Address

555 Richmond Street West
Toronto, ON
M5V3B1

Website

Alerts

Be the first to know and let us send you an email when Control D posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Shortcuts

Share

Category