Named one of the world's top information security podcasts, The Security Ledger Podcast offers in-depth interviews with the top minds in information (cyber) security. Hosted by Paul Roberts, Editor in Chief of The Security Ledger, each podcast is a conver
Lawrence Gentilello, the co-founder and CEO of Optery talks about the growing scandal around breaches at data brokers that have exposed the sensitive data on hundreds of millions of Americans to cyber criminals and how firms like Optery are helping people fight back. The post Episode 258: Broken Brokers – Optery’s Fight To Claw Back Your Personal Data appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesChina Calls Out U.S. For Hacking. The Proof? TBD!A Digital Lock Maker Tried To Squash A DEF CON Talk. It Happened Anyway. Here’s Why.Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk
Chris Walcutt, the CSO at DirectDefense talks about the rapidly changing threat landscape that critical infrastructure owners and operators inhabit, and how savvy firms are managing OT cyber risks. The post Spotlight Podcast: OT Is Under Attack. Now What? appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesSpotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT RiskCiting Attacks On Small Utilities, Dragos Launches Community Defense ProgramFBI: Iranian APT Targets Israeli-Made PLCs Used In Critical Industries
In this Spotlight Podcast, host Paul Roberts talks with Chris Walcutt, the CSO of DirectDefense about the rising cyber threats facing operational technology (OT) and how organizations that manage OT - including critical infrastructure owners can best manage increased cyber risks to OT environments. The post Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesCiting Attacks On Small Utilities, Dragos Launches Community Defense ProgramFBI: Iranian APT Targets Israeli-Made PLCs Used In Critical IndustriesChina Calls Out U.S. For Hacking. The Proof? TBD!
Host Paul Roberts speaks with Jim Broome, the CTO and President of DirectDefense about the evolution of cybersecurity threats and how technologies like AI are reshaping the cybersecurity landscape and the work of defenders and Managed Security Service Providers (MSSPs). The post Spotlight Podcast: How AI Is Reshaping The Cyber Threat Landscape appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesEpisode 256: Recursive Pollution? Data Feudalism? Gary McGraw On LLM InsecurityEpisode 254: Dennis Giese’s Revolutionary Robot Vacuum Liberation MovementMalicious Python Packages Target Crypto Wallet Recovery Passwords
In this episode of The Security Ledger Podcast (#257) Paul speaks with Dennis Kengo Oka, a senior principal automotive security strategist at the firm Synopsys about the growing cyber risks to automobiles as connected vehicle features proliferate in the absence of strong cybersecurity protections. The post Episode 257: Securing Software on Wheels with Dennis Kengo Oka of Synopsys appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesEpisode 257: Securing Software on Wheels withEpisode 254: Dennis Giese’s Revolutionary Robot Vacuum Liberation MovementEpisode 256: Recursive Pollution? Data Feudalism? Gary McGraw On LLM Insecurity
Paul speaks with Gary McGraw of the Berryville Institute of Machine Learning (BIML), about the risks facing large language model machine learning and artificial intelligence, and how organizations looking to leverage artificial intelligence and LLMs can insulate themselves from those risks. The post Episode 256: Recursive Pollution? Data Feudalism? Gary McGraw On LLM Insecurity appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesBitCoins To Bombs: North Korea Funds Military With Billions In Stolen CryptocurrencyChina Calls Out U.S. For Hacking. The Proof? TBD!Episode 254: Dennis Giese’s Revolutionary Robot Vacuum Liberation Movement
In this episode of The Security Ledger Podcast (#255) host Paul Roberts interviews Niels Provos of Lacework about his mission to use EDM to teach people about cybersecurity. The post Episode 255: EDM, Meet CDM – Cyber Dance Music with Niels Provos appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesCiting Attacks On Small Utilities, Dragos Launches Community Defense ProgramFBI: Iranian APT Targets Israeli-Made PLCs Used In Critical IndustriesBitCoins To Bombs: North Korea Funds Military With Billions In Stolen Cryptocurrency
Security researcher and IoT hacker Dennis Giese talks about his mission to liberate robot vacuums from the control of their manufacturers, letting owners tinker with their own devices and - importantly - control the data they collect about our most intimate surroundings. The post Episode 254: Dennis Giese’s Revolutionary Robot Vacuum Liberation Movement appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesBlack Hat: Colin O’Flynn On Hacking An Oven To Make It Stop LyingEpisode 250: Window Snyder of Thistle on Making IoT Security EasyEpisode 251: Kry10 CEO Boyd Multerer on building a secure OS for the IoT
In this Spotlight Security Ledger podcast, Chris Petersen, the CEO and founder of RADICL, talks about his company's mission to protect small and midsized businesses serving the defense industrial base, which are increasingly in the cross-hairs of sophisticated, nation-state actors. The post Spotlight Podcast: RADICL Is Coming To The Rescue Of Defense SMBs appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesFBI: Iranian APT Targets Israeli-Made PLCs Used In Critical IndustriesBitCoins To Bombs: North Korea Funds Military With Billions In Stolen CryptocurrencyIs a DEF CON Village the right way to assess AI risk?
Tanya Janca of the group We Hack Purple, talks with Security Ledger host Paul Roberts about the biggest security mistakes that DevSecOps teams make, and application development's “tragedy of the commons,” as more and more development teams lean on open source code. The post Episode 253: DevSecOps Worst Practices With Tanya Janca of We Hack Purple appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesSickened by Software? Changing The Way We Talk About 0DaysGitGuardian’s HasMySecretLeaked Is HaveIBeenPwned for DevOpsAttacks on APIs demand a Security Re-Think
In this episode of the podcast, host Paul Roberts speaks with Colin O'Flynn, CTO and founder of the firm NewAE about his work to patch shoddy software on his home's electric oven - and the bigger questions about owners rights to fix, tinker with or replace the software that powers their connected stuff. The post Black Hat: Colin O’Flynn On Hacking An Oven To Make It Stop Lying appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesEpisode 251: Kry10 CEO Boyd Multerer on building a secure OS for the IoTEpisode 250: Window Snyder of Thistle on Making IoT Security EasyAttacks on APIs demand a Security Re-Think
In this Spotlight podcast interview, David Monnier of Team Cymru talks about the evolution of the threat intelligence into actionable and target specific “threat reconnaissance.” The post Spotlight Podcast: Are you ready for Threat Reconnaissance? appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesSpotlight Podcast: RADICL Is Coming To The Rescue Of Defense SMBsSpotlight: Making the Most of Cyber Threat Intelligence with Itsik Kesler of KELAEpisode 248: GitHub’s Jill Moné-Corallo on Product Security And Supply Chain Threats
Host Paul Roberts speaks with Boyd Multerer, the CEO and founder of Kry10, which has made a secure OS for the Internet of Things. The post Episode 251: Kry10 CEO Boyd Multerer on building a secure OS for the IoT appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesBlack Hat: Colin O’Flynn On Hacking An Oven To Make It Stop LyingEpisode 250: Window Snyder of Thistle on Making IoT Security EasyEpisode 253: DevSecOps Worst Practices With Tanya Janca of We Hack Purple
In this episode of the podcast, I speak with Window Snyder, the founder and CEO of Thistle Technologies about the (many) security challenges facing Internet of Things (IoT) devices and her idea for making things better: Thistle's platform for secure development and deployment of IoT devices. The post Episode 250: Window Snyder of Thistle on Making IoT Security Easy appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesEpisode 253: DevSecOps Worst Practices With Tanya Janca of We Hack PurpleBlack Hat: Colin O’Flynn On Hacking An Oven To Make It Stop LyingEpisode 251: Kry10 CEO Boyd Multerer on building a secure OS for the IoT
In this Spotlight episode of the Security Ledger podcast, I interview Richard Bird, the CSO of the firm Traceable AI about the challenge of securing application programming interfaces (APIs), which are increasingly being abused to steal sensitive data. The post Spotlight: Traceable CSO Richard Bird on Securing the API Economy appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesEpisode 253: DevSecOps Worst Practices With Tanya Janca of We Hack PurpleEpisode 247: Into the AppSec Trenches with Robinhood CSO Caleb SimaSpotlight Podcast: RADICL Is Coming To The Rescue Of Defense SMBs
Paul speaks with Steve Orrin, the Federal CTO at Intel Corp about representing Intel and its technologies to Uncle Sam and the impact of the CHIPS Act a massive new federal investment in semiconductors. The post Episode 249: Intel Federal CTO Steve Orrin on the CHIPS Act and Supply Chain Security appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesSpotlight Podcast: RADICL Is Coming To The Rescue Of Defense SMBsCiting Attacks On Small Utilities, Dragos Launches Community Defense ProgramThe surveys speak: supply chain threats are freaking people out
In this Spotlight episode of the Security Ledger podcast, I interview Itsik Kesler, the CTO of the threat intelligence firm Kela about the evolution of threat intelligence and findings from the company's latest State of Cybercrime Threat Intelligence report. The post Spotlight: Making the Most of Cyber Threat Intelligence with Itsik Kesler of KELA appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesBitCoins To Bombs: North Korea Funds Military With Billions In Stolen CryptocurrencySpotlight Podcast: RADICL Is Coming To The Rescue Of Defense SMBsBlack Hat: Colin O’Flynn On Hacking An Oven To Make It Stop Lying
In this episode of the Security Ledger Podcast, Paul speaks with Jill Moné-Corallo, the Director of Product Security Engineering Response at GitHub. Jill talks about her journey from a college stint working at Apple's Genius bar, to the information security space - first at product security at Apple and now at GitHub, a massive development platform that is increasingly in the crosshairs of sophisticated cyber criminals and nation-state actors. The post Episode 248: GitHub's Jill Moné-Corallo on Product Security And Supply Chain Threats appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesEpisode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPassEpisode 241: If Its Smart, Its Vulnerable a Conversation with Mikko HyppönenEpisode 241: If Its Smart, Its Vulnerable a Conversation wit Mikko Hyppönen
Paul speaks with Caleb Sima, the CSO of the online trading platform Robinhood, about his journey from teenage cybersecurity phenom and web security pioneer, to successful entrepreneur to an executive in the trenches of protecting high value financial services firms from cyberattacks. The post Episode 247: Into the AppSec Trenches with Robinhood CSO Caleb Sima appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesEpisode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPassEpisode 245: How AI is remaking knowledge-based authenticationEpisode 244: ZuoRAT brings APT Tactics to Home Networks
I interview Jack Naglieri, CEO of Panther about the failures of the current SIEM technology and the need for what Naglieri terms “detection engineers." The post Spotlight: SIEMs suck. Panther is out to change that. appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesWhat’s the Future of Detection Teams? Five Predictions for What Lies Ahead Episode 241: If Its Smart, Its Vulnerable a Conversation with Mikko HyppönenEpisode 241: If Its Smart, Its Vulnerable a Conversation wit Mikko Hyppönen
Getting a start-up off the ground isn't easy in the best of times. Now imagine doing it just as a global pandemic is shutting down society...and the economy. Our guest this week, Josh McCarthy of Revelstoke Security, did it and lived to tell the tale. The post Episode 246: SOARing out of Lockdown with Revelstoke Security appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesEpisode 247: Into the AppSec Trenches with Robinhood CSO Caleb SimaCloudflare Targets Security Poverty Line With Free Tools For At-Risk GroupsSpotlight: SIEMs suck. Panther is out to change that.
Six decades in, password use has tipped into the absurd, while two-factor authentication is showing its limits. We talk with Matt Salisbury of Honeybadger HQ, which is using AI and machine learning to re-imagine knowledge-based authentication. The post Episode 245: How AI is remaking knowledge-based authentication appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesEpisode 247: Into the AppSec Trenches with Robinhood CSO Caleb SimaEpisode 244: ZuoRAT brings APT Tactics to Home NetworksEpisode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass
In this episode of the Security Ledger podcast, brought to you by ReversingLabs, we interview Danny Adamitis (@dadamitis) of Black Lotus Labs about the discovery of ZuoRAT, malware that targets SOHO routers – and is outfitted with APT-style tools for attacking the devices connected to home networks. As always, you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and Spotify. Or, check us out on Google Podcasts, Stitcher, Radio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted. [MP3] Cyber attacks on small office and home office (or SOHO) routers aren't new. Back in 2016, the malware known as Mirai made headlines across the world by infecting hundreds of thousands of weekly protected SOHO routers and DVR devices and stringing them into […] The post Episode 244: ZuoRAT brings APT Tactics to Home Networks appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesEpisode 241: If Its Smart, Its Vulnerable a Conversation with Mikko HyppönenEpisode 241: If Its Smart, Its Vulnerable a Conversation wit Mikko HyppönenEpisode 242: Hacking the Farm (and John Deere) with Sick Codes
Paul talks with Chris Hoff the Chief Secure Technology Officer at LastPass about the CSTO role and the security implications of “software eating the world.” The post Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesEpisode 241: If Its Smart, Its Vulnerable a Conversation with Mikko HyppönenEpisode 241: If Its Smart, Its Vulnerable a Conversation wit Mikko HyppönenEpisode 237: Jacked on the Beanstalk – DeFi's Security Debt Runs Wide, Deep
In our latest podcast, Paul caught up with Sick Codes (@sickcodes) to talk about his now-legendary presentation at the DEF CON Conference in Las Vegas, in which he demonstrated a hack that ran the Doom first person shooter on a John Deere 4240 touch-screen monitor. The post Episode 242: Hacking the Farm (and John Deere) with Sick Codes appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesDEF CON DOOM Patrol: Deere Jailbreak Raises Questions on Security, CompetitionFeel Good Ukraine Tractor Story Highlights Ag Cyber RiskEpisode 241: If Its Smart, Its Vulnerable a Conversation with Mikko Hyppönen
We speak with Mikko Hyppönen on the sidelines of the DEF CON Conference in Las Vegas to talk about his new book, “If its Smart it Vulnerable." The post Episode 241: If Its Smart, Its Vulnerable a Conversation with Mikko Hyppönen appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesEpisode 241: If Its Smart, Its Vulnerable a Conversation wit Mikko HyppönenFeel Good Ukraine Tractor Story Highlights Ag Cyber RiskDEF CON DOOM Patrol: Deere Jailbreak Raises Questions on Security, Competition
In this episode of the podcast (#240) Lauren Zabierek, the Executive Director for the Cyber Project at the Belfer Center at Harvard's Kennedy School joins us to talk about the need for a re-think of national cybersecurity preparedness, as major hacks like the attack on Colonial Pipeline put the focus on resilience and public safety. The post Episode 240: As Stakes Grow, Cyber Policy Needs to “Shift Right”? appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesFeel Good Ukraine Tractor Story Highlights Ag Cyber RiskEpisode 241: If Its Smart, Its Vulnerable a Conversation with Mikko HyppönenEpisode 241: If Its Smart, Its Vulnerable a Conversation wit Mikko Hyppönen
Naomi Yusupov, a Chinese Intelligence Analyst at the threat intelligence firm CyberSixGill talks to host Paul Roberts about that company's new report: The Bear and the Dragon: Analyzing the Russian and Chinese Cybercriminal Communities. The post Episode 239: Power shifts from Russia to China in the Cyber Underground appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesFeel Good Ukraine Tractor Story Highlights Ag Cyber RiskEpisode 240: As Stakes Of Attacks Grow, Can Cyber Policy “Shift Right”?Episode 238: Robots Are The Next Frontier In Healthcare Cyber Risk
In this episode of the podcast (#238) we speak with Daniel Brodie, the CTO at the firm Cynerio. about his firm's discovery of a string of critical security flaws in an autonomous medical robot, TUG, that is already deployed in hundreds of clinical settings and the growing issue of medical device insecurity and cyber risks to healthcare providers. The post Episode 238: Robots Are The Next Frontier In Healthcare Cyber Risk appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesFeel Good Ukraine Tractor Story Highlights Ag Cyber RiskEpisode 235: Justine Bone of MedSec on Healthcare InsecurityEpisode 241: If Its Smart, Its Vulnerable a Conversation with Mikko Hyppönen
The hack of Beanstalk is just the latest major compromise of a decentralized finance (DeFi) platform. In this podcast, Jennifer Fernick of NCC Group joins me to talk about why DeFi's security woes are much bigger than Beanstalk. The post Episode 237: Jacked on the Beanstalk – DeFi's Security Debt Runs Wide, Deep appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesEpisode 241: If Its Smart, Its Vulnerable a Conversation with Mikko HyppönenEpisode 241: If Its Smart, Its Vulnerable a Conversation wit Mikko HyppönenEpisode 240: As Stakes Of Attacks Grow, Can Cyber Policy “Shift Right”?
we sit down with Christian Sorenson, the former lead of the international cyber warfare team at US Cyber Command and CEO of cybersecurity firm, SightGain, to talk about what we've learned so far from Russia's war in Ukraine, and what may be coming next. The post Episode 236: Cyberwar Takes A Back Seat In Ukraine (For Now) appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesEpisode 240: As Stakes Of Attacks Grow, Can Cyber Policy “Shift Right”?Episode 239: Power shifts from Russia to China in the Cyber UndergroundFeel Good Ukraine Tractor Story Highlights Ag Cyber Risk
In this episode of the podcast (#235) Justine Bone, the CEO of Medsec, joins Paul to talk about cyber threats to healthcare organizations in the age of COVID. Justine's firm works with hospitals and healthcare organizations to understand their cyber risk and defend against attacks, including ransomware. The post Episode 235: Justine Bone of MedSec on Healthcare Insecurity appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesEpisode 238: Robots Are The Next Frontier In Healthcare Cyber RiskFeel Good Ukraine Tractor Story Highlights Ag Cyber RiskEpisode 241: If Its Smart, Its Vulnerable a Conversation with Mikko Hyppönen
© 2020-2025 Ivy Podcast Discovery LLC
