Podcasts about Black hat

Welcome back to the Ultimate Guide to Partnering® Podcast. AI agents are your next customers. Subscribe to our Newsletter: https://theultimatepartner.com/ebook-subscribe/ Check Out UPX:https://theultimatepartner.com/experience/ https://youtu.be/vEdq8rpBM3I In this data-rich keynote, Jay McBain deconstructs the tectonic shifts reshaping the $5.3 trillion global technology industry, arguing that we are entering a new 20-year cycle where traditional direct sales models are obsolete. McBain explains why 96% of the industry is now surrounded by partners and how successful companies must pivot from “flywheels and theory” to a granular strategy focused on the seven specific partners present in every deal. From the explosion of agentic AI and the $163 billion marketplace revolution to the specific mechanics of multiplier economics, this discussion provides a roadmap for navigating the “decade of the ecosystem” where influence, trust, and integration—not just product—determine winners and losers. Key Takeaways Half of today's Fortune 500 companies will likely vanish in the next 20 years due to the shift toward AI and ecosystem-led models. Every B2B deal now involves an average of seven trusted partners who influence the decision before a vendor even knows a deal exists. Microsoft has outpaced AWS growth for 26 consecutive quarters largely because of a superior partner-led geographic strategy. Marketplaces are projected to grow to $163 billion by 2030, with nearly 60% of deals involving partner funding or private offers. The “Multiplier Effect” is the new ROI, where partners can make up to $8.45 for every dollar of vendor product sold. Future dominance relies on five key pillars: Platform, Service Partnerships, Channel Partnerships, Alliances, and Go-to-Market orchestration. If you're ready to lead through change, elevate your business, and achieve extraordinary outcomes through the power of partnership—this is your community. At Ultimate Partner® we want leaders like you to join us in the Ultimate Partner Experience – where transformation begins. Keywords: Jay McBain, Canalys, partner ecosystem, channel chief, agentic AI, marketplace growth, multiplier economics, B2B sales trends, tech industry forecast, service partnerships, strategic alliances, Microsoft vs AWS, distribution transformation, managed services growth, SaaS platforms, customer journey mapping, 28 moments of truth, future of reselling, technology spending 2025, ecosystem orchestration, partner multipliers. T Transcript: Jay McBain WORKFILE FOR TRANSCRIPT [00:00:00] Vince Menzione: Just up from, did you Puerto Rico last night? Puerto Rico, yes. Puerto Rico. He dodged the hurricane. Um, you all know him. Uh, let him introduce himself for those of you who don’t, but just thrilled to have on the stage, again, somebody who knows more about what’s going on in, in the, and has the pulse on this industry probably than just about anybody I know personally. [00:00:21] Vince Menzione: J Jay McBain. Jay, great to see you my friend. Alright, thank you. We have to come all the way. We live, we live uh, about 20 minutes from each other. We have to come all the way to Reston, Virginia to see each other, right? That’s right. Very good. Well, uh, that’s all over to you, sir. Thank you. [00:00:35] Jay McBain: Alright, well thank you so much. [00:00:36] Jay McBain: I went from 85 degrees yesterday to 45 today, but I was able to dodge that, uh, that hurricane, uh, that we kind of had to fly through the northern edge of, uh, wanna talk today about our industry, about the ultimate partner. I’m gonna try to frame up the ultimate partner as I walk through the data and the latest research that, uh, that we’ve been doing in the market. [00:00:56] Jay McBain: But I wanted to start here ’cause our industry moves in 20 year cycles, and if you look at the Fortune 500 and dial back 20 years from today, 52% of them no longer exist. As we step into the next 20 year AI era, half of the companies that we know and love today are not gonna exist. So we look at this, and by the way, if you’re not in the Fortune 500 and you don’t have deep pockets to buy your way outta problems, 71% of tech companies fail over the course of 10 years. [00:01:30] Jay McBain: Those are statistics from the US government. So I start to look at our industry and you know, you may look at the, you know, mainframe era from the sixties and seventies, mini computers, August the 12th, 1981, that first IBM, PC with Microsoft dos, version one, you know, triggered. A new 20 year era of client server. [00:01:51] Jay McBain: It was the time and I worked at IBM for 17 years, but there was a time where Bill Gates flew into Boca Raton, Florida and met with the IBM team and did that, you know, fancy licensing agreement. But after, you know, 20 years of being the most valuable company in the world and 13 years of antitrust and getting broken up, almost like at and TIBM almost didn’t make payroll. [00:02:14] Jay McBain: 13 years after meeting Bill Gates. Yeah, that’s how quickly things change in these eras. In 1999, a small company outta San Francisco called salesforce.com got its start. About 10 years later, Jeff Bezos asked a question in a boardroom, could we rent out our excess capacity and would other companies buy it? [00:02:35] Jay McBain: Which, you know, most people in the room laughed at ’em at the time. But it created a 20 year cloud era when our friends, our neighbors, our family. Saw Chachi PT for the first time in March of 2023. They saw the deep fakes, they saw the poetry, they saw the music. They came to us as tech people and said, did we just light up Skynet? [00:02:58] Jay McBain: And that consumer trend has triggered this next 20 years. I could walk through the richest people in the world through those trends. I could walk through the most valuable companies. It all aligns. ’cause by the way, Apple’s no longer at the top. Nvidia is at the top, Microsoft. Second, things change really quickly. [00:03:17] Jay McBain: So in that course of time, you start to look at our industry and as people are talking about a six and a half or $7 trillion build out of ai, that’s open AI and Microsoft numbers, that is bigger than our industry that’s taken over 50 years to build. This year, we’re gonna finish the year at $5.3 trillion. [00:03:36] Jay McBain: That’s from the smallest flower shop to the biggest bank. Biggest governments that Caresoft would, uh, serve biggest customer in the world is actually the federal government of the us. But you look at this pie chart and you look at the changes that we’re gonna go through over the next 20 years, there’s about a trillion dollars in hardware. [00:03:54] Jay McBain: There’s about a trillion dollars in software. If you look forward through all of the merging trends, quantum computing, humanoid robots, all the things that are coming that dollar to dollar software to hardware will continue to exist all the way through. We see services making up almost two thirds of this pie. [00:04:13] Jay McBain: Yesterday I was in a telco conference with at and t and Verizon and T-Mobile and some of the biggest wireless players and IT services, which happen to be growing faster than products. At the moment, there is more work to be done wrapping around the deal than the actual products that the customer is buying. [00:04:32] Jay McBain: So in an industry that’s growing at 7%. On top of the world economy that’s grown at 2.2. This is the fastest growing industry, and it will be at least for the next 10 years, if not 2070 0.1% of this entire $5 trillion gets transacted through partners. While what we’re talking to today about the ultimate partner, 96% of this industry is surrounded by partners in one way or another. [00:05:01] Jay McBain: They’re there before the deal. They’re there at the deal. They’re there after the deal. Two thirds of our industry is now subscription consumption based. So every 30 days forever, and a customer for life becomes everything. So if every deal in medium, mid-market, and higher has seven partners, according to McKinsey, who are those seven people trying to get into the deal? [00:05:25] Jay McBain: While there’s millions of companies that have come into tech over the last 10 to 20 years. Digital agencies, accountants, legal firms, everybody’s come in. The 250,000 SaaS companies, a million emerging tech companies, there’s a big fight to be one of those seven trusted people at the table. So millions of companies and tens of millions of people our competing for these slots. [00:05:49] Jay McBain: So one of the pieces of research I’m most proud of, uh, in my analyst career is this. And this took over two years to build. It’s a lot of logos. Not this PowerPoint slide, but the actual data. Thousands of people hours. Because guess what? When you look at partners from the top down, the top 1000 partners, by capability and capacity, not by resale. [00:06:15] Jay McBain: It’s not a ranking of CDW and insight and resale numbers. It is the surrounding. Consulting, design, architecture, implementations, integrations, managed services, all the pieces that’s gonna make the next 20 years run. So when you start to look at this, 98% of these companies are private, so very difficult to get to those numbers and, uh, a ton of research and help from AI and other things to get this. [00:06:41] Jay McBain: But this is it. And if you look at this list, there’s a thousand logos out of the million companies. There’s a thousand logos that drive two thirds of all tech services in the world. $1.07 trillion gets delivered by a thousand companies, but here’s where it gets fun. Those companies in the middle, in blue, the 30 of them deliver more tech services than the next 970. [00:07:08] Jay McBain: Combined the 970 combined in white deliver more tech services. Then the next million combined. So if you think we live in an 80 20 rule or maybe a 99, a 95 5 rule, or a 99 1 rule, we actually live in a 99.9 0.1 parallel principle. These companies spread around the world evenly split across the uh, different regions. [00:07:35] Jay McBain: South Africa, Latin America, they’re all over. They split. They split among types. All of the Venn diagram I just showed from GSIs to VARs to MSPs, to agencies and other types of companies. But this is a really rich list and it’s public. So every company in the world now, if you’re looking at Transactable data, if you’re looking at quantifiable data that you can go put your revenue numbers against, it represents 70 to 80% of every company in this room’s Tam. [00:08:08] Jay McBain: In one piece of research. So what do you do below that? How do you cover a million companies that you can’t afford to put a channel account manager? You can’t afford to write programs directly for well after the top down analysis and all the wallet share and you know exactly where the lowest hanging fruit is for most of your tam. [00:08:28] Jay McBain: The available markets. The obtainable markets. You gotta start from the community level grassroots up. So you need to ask the question for the million companies and the maybe a hundred thousand companies out there, partner companies that are surrounding your customer. These are the seven partners that surround your customer. [00:08:48] Jay McBain: What do they read, where do they go, and who do they follow? Interestingly enough, our industry globally equates to only a thousand watering holes, a thousand companies at the top, a thousand places at the bottom. 35% of this audience we’re talking. Millions of people here love events and there’s 352 of them like this one that they love to go to. [00:09:13] Jay McBain: They love the hallway chats, they love the hotel lobby bar, you know, in a time reminded by the pandemic. They love to be in person. It’s the number one way they’re influenced. So if you don’t have a solid event strategy and you don’t have a community team out giving out socks every week, your competitors might beat you. [00:09:31] Jay McBain: 12% of this audience loves podcasts. It’s the Joe Rogan effect of our industry. And while you know, you may not think the 121 podcasts out there are important, well, you’re missing 12% of your audience. It’s over a million people. If you’re not on a weekly podcast in one of these podcasts in the world, there’s still people that read one of the 106 magazines in the world. [00:09:55] Jay McBain: There are people that love peer groups, associations, they wanna be part of this. There’s 15 different ways people are influenced. And a solid grassroots strategy is how you make this happen. In the last 10 years, we’ve created a number of billionaires. Bottom up. They never had to go talk to la large enterprise. [00:10:15] Jay McBain: They never had to go build out a mid-market strategy. They just went and give away socks and new community marketing. And this has created, I could rip through a bunch of names that became unicorns just in the last couple of years, bottoms up. You go back to your board walking into next year, top down, bottom up. [00:10:34] Jay McBain: You’ve covered a hundred percent of your tam, and now you’ve covered it with names, faces, and places. You haven’t covered it with a flywheel or a theory. And for 44 years, we have gone to our board every fourth quarter with flywheels and theory. Trust me, partners are important. The channel is key to us. [00:10:57] Jay McBain: Well, let’s talk at the point of this granularity, and now we’re getting supported by technology 261 entrepreneurs. Many of them in the room actually here that are driving this ability to succeed with seven partners in every deal to exchange data to be able to exchange telemetry of these prospects to be able to see twice or three times in terms of pipeline of your target addressable market. [00:11:26] Jay McBain: All these ai, um, technologies, agentic technologies are coming into this. It’s all about data. It’s all about quantifiable names, faces, and places. Now none of us should be walking around with flywheels, so let’s flip the flywheels. No. Uh, so we also look at, and I sold PCs for 17 years and that was in the high times of 40% margins for partners. [00:11:55] Jay McBain: But one interesting thing when you study the p and l for broad base of partners around the world, it’s changed pretty significantly in this last 20 year era. What the cloud era did is dropped hardware from what used to be 84% plus the break fix and things that wrap around it of the p and l to now 16% of every partner in the world. [00:12:16] Jay McBain: 84% of their p and l is now software and services. And if you look at profitability, it’s worse. It’s actually 87% is profitability wise. They’ve completely shifted in terms of where they go. Now we look at other parts of our market. I could go through every part of the pie of the slide, but we’re watching each of the companies, and if you can see here, this is what we want to talk about in terms of ultimate partner. [00:12:43] Jay McBain: Microsoft has outgrown AWS for 26 straight quarters. They don’t have a better product. They don’t have a better price, they don’t have better promotion. It’s all place. And I’ll explain why you guess here in the light green line. Exactly. The day that Google went a hundred percent all in partner, every deal, even if a deal didn’t have a partner, one of the 4% of deals that didn’t have a partner, they injected a partner. [00:13:09] Jay McBain: You can see on the left side exactly where they did it. They got to the point of a hundred percent partner driven. Rebuilt their programs, rebuilt their marketplace. Their marketplace is actually larger than Microsoft’s, and they grew faster than Microsoft. A couple of those quarters. It is a partner driven future, and now I have Oracle, which I just walked by as I walked from the hotel. [00:13:31] Jay McBain: Oracle with their RPOs will start to join. Maybe the list of three hyperscalers becomes the list of four in future slides, but that’s a growth slide. Market share is different. AWS early and commanding lead. And it plays out, uh, plays out this way. But we’re at an interesting moment and I stood up six years ago talking about the decade of the ecosystem after we went through a decade of sales starting in 1999 when we all thought we were born to be salespeople. [00:14:02] Jay McBain: We managed territories with our gut. The sales tech stack would have it different, that sales was a science, and we ended the decade 2009, looking at sales very differently in 2009. I remember being at cocktail parties where CMOs would be joking around that 50% of their marketing dollars were wasted. They just didn’t know which 50%. [00:14:23] Jay McBain: And I’ll tell you, that was really funny. In 2009 till every 58-year-old CMO got replaced by a 38-year-old growth hacker who walked in with 15,348 SaaS companies in their MarTech and ad tech stack to solve the problem, every nickel of marketing by 2019 was tracked. Marketo, Eloqua, Pardot, HubSpot, driving this industry. [00:14:50] Jay McBain: Now, we stood up and said the 28 moments that come before a sale are pretty much all partner driven. In the best case scenario, a vendor might see four of the moments. They might come to your website, maybe they read an ebook, maybe they have a salesperson or a demo that comes in. That’s four outta 28 moments. [00:15:10] Jay McBain: The other 24 are done by partners. Yeah, in the worst case scenario and the majority scenario, you don’t see any of the moments. All 28 happen and you lose a deal without knowing there ever was a deal. So this is it. We need to partner in these moments and we need to inject partners into sales and marketing, like no time before, and this was the time to do it. [00:15:33] Jay McBain: And we got some feedback in the Salesforce state of sales report, which doesn’t involve any partnerships or, or. Channel Chiefs or anything else. This is 5,500 of the biggest CROs in the world that obviously use Salesforce. 89% of salespeople today use partners every day. For the 11% who don’t, 58% plan two within a year. [00:15:57] Jay McBain: If you add those two numbers together, that’s magically the 96% number. They recognize that every deal has partners in it. In 2024, last year, half of the salespeople in the world, every industry, every country. Miss their numbers. For the minority who made their numbers, 84 point percent pointed to partners as the reason why they made their numbers. [00:16:21] Jay McBain: It was the cheat code for sales, so that modern salesperson that knows how to orchestrate a deal, orchestrate the 28 moments with the seven partners and get to that final spot is the winning formula. HubSpot’s number in separate research was 84% in marketing. So we’re starting to see partners in here. We don’t have to shout from the mountaintops. [00:16:44] Jay McBain: These communities like ultimate Partner are working and we’re getting this to the highest levels in the board. And I’ll say that, you know, when 20 years from now half of the companies we know and love fail after we’re done writing the book and blaming the CEO for inventing the thing that ended up killing them, blaming the board for fiduciary responsibility and letting it happen. [00:17:06] Jay McBain: What are the other chapters of the book? And I think it’s all in one slide. We are in this platform economy and the. [00:17:31] Jay McBain: So your battery’s fine. Check, check, check, check. Alright, I’ll, I’ll just hold this in case, but the companies that execute on all five of these areas, well. Not only today become the trillion dollar valued companies, but they become the companies of tomorrow. These will be the fastest growing companies at every level. [00:17:50] Jay McBain: Not only running a platform business, but participating in other platforms. So this is how it breaks out, and there are people at very senior levels, at very big companies that have this now posted in the office of the CEO winning on integrations is everything. We just went through a demographic shift this year where 51% of our buyers are born after 1982. [00:18:15] Jay McBain: Millennials are the number one buyer of the $5 trillion. Their number one buying criteria is not service. Support your price, your brand reputation, it’s integrations. The buy a product, 80% is good as the next one if it works better in their environment. 79% of us won’t buy a car unless it has CarPlay or Android Auto. [00:18:34] Jay McBain: This is an integration world. The company with the most integrations win. Second, there are seven partners that surround the customer. Highly trusted partners. We’re talking, coaching the customer’s, kids soccer team, having a cottage together up at the lake. You know, best men, bate of honors at weddings type of relationships. [00:18:57] Jay McBain: You can’t maybe have all seven, but how does Microsoft beat AWS? They might have had two, three, or four of them saying nice things about them instead of the competition. Winning in service partnerships and channel partnerships changes by category. If you’re selling MarTech, only 10% of it today is resold, so you build more on service partnerships. [00:19:18] Jay McBain: If you’re in cybersecurity today, 91.6% of it is resold. Transacted through partners. So you build a lot of channel partnerships, plus the service partnerships, whatever the mix is in your category, you have to have two or three of those seven people. Saying nice things about you at every stage of the customer journey. [00:19:38] Jay McBain: Now move over to alliances. We have already built the platforms at the hyperscale level. We’ve built the platforms within SaaS, Salesforce, ServiceNow, Workday, Marketo, NetSuite, HubSpot. Every buyer has a set of platforms that they buy. We’ve now built them in cybersecurity this year out of 6,500 as high as cyber companies, the top five are starting to separate. [00:20:02] Jay McBain: We built it in distribution, which I’ll show in a minute. We’re building it in Telco. This is a platform economy and alliances win and you have alliances with your competitors ’cause you compete in the morning, but you’re best friends by the afternoon. Winning in other platforms is just as important as driving your own. [00:20:20] Jay McBain: And probably the most important part of this is go to market. That sales, that marketing, the 28 moments, the every 30 days forever become all a partner strategy. So there’s still CEOs out there that believe platform is a UI or UX on a bunch of disparate products and things you’ve acquired. There’s still CFOs out there that Think platform is a pricing model, a bundle model of just getting everything under one, you know, subscription price or consumption price. [00:20:51] Jay McBain: And it’s not, platforms are synonymous with partnerships. This is the way forward and there’s no conversation around ai. That doesn’t involve Nvidia over there, an open AI over here and a hyperscaler over there and a SaaS company over here. The seven layer stack wins every single time, and the companies that get this will be the ones that survive this cycle. [00:21:16] Jay McBain: Now, flipping over to marketplaces. So we had written research that, um, about five years ago that marketplaces were going to grow at 82% compounded. Yeah, probably one of the most accurate predictions we ever made, because it happened, we, we predicted that, uh, we were gonna get up to about $85 billion. Well, now we’ve extended that to 2030, so we’re gonna get up to $163 billion, and the thing that we’re watching is in green. [00:21:46] Jay McBain: If 96% of these deals are partner assisted in some way, how is the economics of partnering going to work? We predicted that 50% of deals by 2027. Would be partner funded in some way. Private offers multi-partner offers distributor sellers of record, and now that extends to 59% by 2030, the most senior leader of the biggest marketplace AWS, just said to us they’re gonna probably make these numbers on their own. [00:22:14] Jay McBain: And he asked what their two competitors are doing. So he’s telling us that we under called this. Now when you look at each of the press releases, and this is the AWS Billion Dollar Club. Every one of the companies on the left have issued a press release that they’re in the billion dollar club. Some of them are in the multi-billions, but I want you to double click on this press release. [00:22:35] Jay McBain: I’m quoted in here somewhere, but as CrowdStrike is building the marketplace at 91% compounded, they’re almost doubling their revenue every single year. They’re growing the partner funding, in this case, distributor funding by 3548%. Almost triple digit growth in marketplace is translating into almost quadruple digit growth in funding. [00:23:01] Jay McBain: And you see that over and over again as, as Splunk hit three, uh, billion dollars. The same. Salesforce hit $2 billion on AWS in Ulti, 18 months. They joined in October 20, 23, and 18 months later, they’re already at $2 billion. But now you’re seeing at Salesforce, which by the way. Grew up to $40 billion in revenue direct, almost not a nickel in resell. [00:23:28] Jay McBain: Made it really difficult for VARs and managed service providers to work with Salesforce because they couldn’t understand how to add services to something they didn’t book the revenue for. While $40 billion companies now seeing 70% of their deals come through partners. So this is just the world that we’re in. [00:23:44] Jay McBain: It doesn’t matter who you are and what industry you’re in, this takes place. But now we’re starting to see for the first time. Partners join the billion dollar club. So you wonder about partnering and all this funding and everything that’s working through Now you’re seeing press releases and companies that are redoing their LinkedIn branding about joining this illustrious club without a product to sell and all the services that wrap around it. [00:24:10] Jay McBain: So the opening session on Microsoft was interesting because there’s been a number of changes that Microsoft has done just in the last 30 days. One is they cut distribution by two thirds going from 180 distributors to 62. They cut out any small partner lower than a thousand dollars, and that doesn’t sound like a lot, but that’s over a hundred thousand partners that get deed tightening the long tail. [00:24:38] Jay McBain: They we’re the first to really put a global point system in place three years ago. They went to the new commerce experience. If you remember, all kinds of changes being led by. The biggest company for the channel. And so when we’re studying marketplaces, we’re not just studying the three hyperscalers, we’re studying what TD Cynic is doing with Stream One Ingram’s doing with Advant Advantage Aerosphere. [00:25:01] Jay McBain: Also, we’re watching what PAX eight, who by the way, is the 365 bestseller for Microsoft in the world. They are the cybersecurity leader for Microsoft in the world and the copilot. Leader in the world for Microsoft and Partner of the Year for Microsoft. So we’re watching what the cloud platforms are doing, watching what the Telco are doing, which is 25 cents out of every dollar, if you remember that pie chart, watching what the biggest resellers are converting themselves into. [00:25:30] Jay McBain: Vince just mentioned, you know, SHI in the changes there watching the managed services market and the leaders there, what they’re doing in terms of how this industry’s moving forward. By the way, managed services at $608 billion this year. Is one and a half times larger than the SaaS industry overall. [00:25:48] Jay McBain: It’s also one and a half times larger than all the hyperscalers combined. Oracle, Alibaba, IBM, all the way down. This is a massive market and it makes up 15 to 20 cents of every dollar the customer spend. We’re watching that industry hit a trillion dollars by the end of the decade, and we’re watching 150 different marketplace development platforms, the distribution of our industry, which today is 70.1% indirect. [00:26:13] Jay McBain: We’re starting to see that number, uh, solidify in terms of marketplaces as well. Watching distributors go from that linear warehouse in a bank to this orchestration model, watching some of the biggest players as the world comes around, platforms, it tightens around the place. So Caresoft, uh, from from here is the sixth biggest distributor in the world. [00:26:40] Jay McBain: Just shows you how big the. You know, biggest client in the world is that they serve. But understand that we’re publishing the distributor 500 list, but it’ll be the same thing. That little group in blue in the middle today, you know, drives almost two thirds of the market. So what happens in all this next stage in terms of where the dollars change hands. [00:27:07] Jay McBain: And the economics of partnering themselves are going through the most radical shift that we’ve seen ever. So back to the nineties, and, and for those of you that have been channel chiefs and running programs, we went to work every day. You know, everything’s on fire. We’re trying to check hundred boxes, trying to make our program 10% better than our competitors. [00:27:30] Jay McBain: Hey, we gotta fix our deal registration program today, and our incentives are outta whack or training programs or. You know, not where they need to be. Our certification, you know, this was the life of, uh, of a channel chief. Everybody thought we were just out drinking in the Caribbean with our best partners, but we were under the weight of this. [00:27:49] Jay McBain: But something interesting has happened is that we turned around and put the customer at the middle of our programs to say that those 28 moments in green before the sale are really, really important. And the seven partners who participate are really important. Understanding. The customer’s gonna buy a seven layer stack. [00:28:09] Jay McBain: They’re gonna buy it With these seven partners, the procurement stage is much different. The growth of marketplaces, the growth of direct in some of these areas, and then long term every 30 days forever in a managed service, implementations, integrations, how you upsell, cross-sell, enrich a deal changes. So how would you build a program that’s wrapped around the customer instead of the vendor? [00:28:35] Jay McBain: And we’re starting to hear our partners shout back to us. These are global surveys, big numbers, but over half of our partners, regardless of type, are selling consulting to their customer. Over half are designing architecting deals. A third of them are trying to be system integrators showing up at those implementation integration moments. [00:28:55] Jay McBain: Two thirds of them are doing managed services, but the shocking one here is 44% of our partners, regardless of type, are coding. They’re building agents and they’re out helping their customer at that level. So this is the modern partner that says, don’t typecast me. You may have thought of me in your program. [00:29:14] Jay McBain: You might have me slotted as a var. Well, I do 3.2 things, and if I don’t get access to those resources, if you don’t walk me to that room, I’m not gonna do them with you. You may have me as a managed service provider that’s only in the morning. By the afternoon I’m coding, and by the next morning I’m implementing and consulting. [00:29:33] Jay McBain: So again, a partner’s not a partner. That Venn diagram is a very loose one now, as every partner on there is doing 3.2 different business models. And again, they’re telling us for 43 years, they said, I want more leads this year it changed. For the first time, I want to be recognized and incentivized as more than just a cash register for you. [00:29:57] Jay McBain: I want you to recognize when I’m consulting, when I’m designing, when you’re winning deals, because of my wonderful services, by the way, we asked the follow up question, well, where should we spend our money with you? And they overwhelmingly say, in the consulting stage, you win and lose deals. Not at moment 28. [00:30:18] Jay McBain: We’re not buying a pack of gum at the gas station. This is a considered purchase. You win deals from moment 12 through 16 and I’m gonna show you a picture of that later, and they say, you better be spending your money there, or you’re not gonna win your fair share or more than your fair share of deals. [00:30:36] Jay McBain: The shocking thing about this is that Microsoft, when they went to the point system, lifted two thirds of all the money, tens of billions of dollars, and put it post-sale, and we were all scratching our heads going. Well, if the partners are asking for it there, and it seems like to beat your biggest competitors, you want to win there. [00:30:54] Jay McBain: Why would you spend the money on renewal? Well, they went to Wall Street and Goldman Sachs and the people who lift trillions of dollars of pension funds and said, if we renew deals at 108%, we become a cash machine for you. And we think that’s more valuable than a company coming out with a new cell phone in September and selling a lot of them by Christmas every year. [00:31:18] Jay McBain: The industry. And by the way, wall Street responded, Microsoft has been more valuable than Apple since. So we talk in this now multiplier language, and these are reports that we write, uh, at AMIA at canals. But talking about the partner opportunity in that customer cycle, the $6 and 40 cents you can make for every dollar of consumption, or the $7 and 5 cents you can make the $8 and 45 cents you can make. [00:31:46] Jay McBain: There’s over 24 companies speaking at this level now, and guess what? It’s not just cloud or software companies. Hardware companies are starting to speak in this language, and on January 25th, Cisco, you know, probably second to Microsoft in terms of trust built with the channel globally is moving to a full point system. [00:32:09] Jay McBain: So these are the changes that happen fast. But your QBR with your partners now less about drinking beers at the hotel lobby bar and talking dollar by dollar where these opportunities are. So if you’re doing 3.2 of these things, let’s build out a, uh, a play where you can make $3 for every dollar that we make. [00:32:28] Jay McBain: And you make that profitably. You make it in sticky, highly retained business, and that’s the model. ’cause if you make $3 for every dollar. We make, you’re gonna win Partner of the year, and if you win partner of the year, that piece of glass that you win on stage, by the time you get back to your table, you’re gonna have three offers to buy your business. [00:32:51] Jay McBain: CDW just bought a w. S’s Partner of the Year. Insight bought Google’s eight time partner of the year. Presidio bought ServiceNow’s, partner of the year over and over and over again. So I’m at Octane, I’m at CrowdStrike, I’m at all these events in Vegas every week. I’m watching these partners of the year. [00:33:05] Jay McBain: And I’m watching as the big resellers. I’m watching as the GSIs and the m and a folks are surrounding their table after, and they’re selling their businesses for SaaS level valuations. Not the one-to-one service valuation. They’re getting multiples because this is the new future of our industry. This is platform economics. [00:33:25] Jay McBain: This is winning and platforms for partners. Now, like Vince, I spent 20 minutes without talking about ai, but we have to talk about ai. So the next 20 years as it plays out is gonna play out in phases. And the first thing you know to get it out of the way. The first two years since that March of 23, has been underwhelming, to say the least. [00:33:47] Jay McBain: It’s been disappointing. All the companies that should have won the biggest in AI have been the most disappointing. It’s underperformed the s and p by a considerable amount in terms of where we are. And it goes back to this. We always overestimate the first two years, but we underestimate the first 10. [00:34:07] Jay McBain: If you wanna be the point in time person and go look at that 1983 PC or the 1995 internet or that 2007 iPhone or that whatever point in time you wanna look at, or if you want to talk about hallucinations or where chat chip ET version five is version, as opposed to where it’s going to be as it improves every six months here on in. [00:34:30] Jay McBain: But the fact of the matter is, it’s been a consumer trend. Nvidia got to be the most valuable company in the world. OpenAI was the first company to 2 billion users, uh, in that amount of speed. It’s the fastest growing product ever in history, and it’s been a consumer win this trillions of dollars to get it thrown around in the press releases. [00:34:49] Jay McBain: They’re going out every day, you know, open ai, signing up somebody new or Nvidia, investing in somebody new almost every single day in hundreds of billions of dollars. It is all happening really on the consumer side. So we got a little bit worried and said, is that 96% of surround gonna work in ag agentic ai? [00:35:10] Jay McBain: So we went and asked, and the good news is 88% of end customers are using partners to work through their ag agentic strategy. Even though they’re moving slow, they’re actually using partners. But what’s interesting from a partner perspective, and this is new research that out till 2030. This is the number one services opportunity in the entire tech or telco industry. [00:35:34] Jay McBain: 35.3% compounded growth ending at $267 billion in services. Companies are rebuilding themselves, building out practices, and getting on this train and figuring out which vendors they should hook their caboose to as those trains leave the station. But it kind of plays out like this. So in the next three to five years, we’re in this generative, moving into agentic phase. [00:36:01] Jay McBain: Every partner thinks internally first, the sales and marketing. They’re thinking about their invoicing and billing. They’re thinking about their service tickets. They’re thinking about creating a business that’s 10% better than their competitors, taking that knowledge into their customers and drive in business. [00:36:17] Jay McBain: But we understand that ag agentic AI, as it’s going to play out is not a product. A couple of years ago, we thought maybe a copilot or an agent force or something was going to be the product that everybody needed to buy, and it’s not a product, it’s gonna show up as a feature. So you go back in the history of feature ads and it’s gonna show up in software. [00:36:38] Jay McBain: So if you’re calling in SMB, maybe you’re calling on a restaurant. The restaurant isn’t gonna call OpenAI or call Microsoft or call Nvidia directly. They’re running their restaurant. And they may have chosen a platform like Toast Square, Clover, whatever iPads people are running around with, runs on a platform that does everything in their business, does staffing, does food ordering, works with Uber Eats, does everything end to end? [00:37:08] Jay McBain: They’re gonna wait to one of those platforms, dries out agent AI for them, and can run the restaurant more effectively, less human capital and more consistently, but they wait for the SaaS platform as you get larger. A hundred, 150 people. You have vice presidents. Each of those vice presidents already have a SaaS stack. [00:37:28] Jay McBain: I talked about Salesforce, ServiceNow, Workday, et cetera. They’ve already built that seven layer model and in some cases it’s 70 layers. But the fact is, is they’re gonna wait for those SaaS layers to deliver ag agentic to them. So this is how it’s gonna play out for the next three and a half, three to five years. [00:37:45] Jay McBain: And partners are realizing that many of them were slow to pick up SaaS ’cause they didn’t resell it. Well now to win in this next three to half, three to five years, you’re gonna have to play in this environment. When you start looking out from here, the next generation, you know, kind of five through 15 years gets interesting in more of a physical sense. [00:38:06] Jay McBain: Where I was yesterday talking about every IOT device that now is internet access, starts to get access to large language models. Every little sensor, every camera, everything that’s out there starts to get smart. But there’s a point. The first trillionaire, I believe, will be created here. Elon’s already halfway there. [00:38:24] Jay McBain: Um, but when Bill Gates thought there was gonna be a PC in every home, and IBM thought they were gonna sell 10,000 to hobbyists, that created the richest person in the world for 20 years, there will be a humanoid in every home. There’s gonna be a point in time that you’re out having drinks with your friends, and somebody’s gonna say, the early adopter of your friends is gonna say. [00:38:46] Jay McBain: I haven’t done the dishes in six weeks. I haven’t done the laundry. I haven’t made my bed. I haven’t mowed the lawn. When they say that, you’re gonna say, well, how? And they’re gonna say, well, this year I didn’t buy a new car, but I went to the car dealership and I bought this. So we’re very close to the dexterity needed. [00:39:05] Jay McBain: We’ve got the large language models. Now. The chat, GPT version 10 by then is going to make an insane, and every house is gonna have one of the. [00:39:17] Jay McBain: This is the promise of ai. It’s not humanoid robots, it’s not agents. It’s this. 99% of the world’s business data has not been trained or tuned into models yet. Again, this is the slow moving business. If you want to think about the 99% of business data, every flight we’ve all taken in this room sits on a saber system that was put in place in 1964. [00:39:43] Jay McBain: Every banking transaction, we’ve all made, every withdrawal, every deposit sits on an IBM mainframe put in place in the sixties or seventies. 83% of this data sits in cold storage at the edge. It’s not ready to be moved. It’s not cleansed, it’s not, um, indexed. It’s not in any format or sitting on any infrastructure that a large language model will be able to gobble up the data. [00:40:10] Jay McBain: None of the workflows, none of the programming on top of that data is yet ready. So this is your 10 to 20 year arc of this era that chat bot today when they cancel your flight is cute. It’s empathetic, it feels bad for you, or at least it seems to, but it can’t do anything. It can’t book you the Marriott and get you an Uber and then a 5:00 AM flight the next morning. [00:40:34] Jay McBain: It can’t do any of that. But more importantly, it doesn’t know who you are. I’ve got 53 years of flights under my belt and they, I’m the person that get me within six hours of my kids and get me a one-way Hertz rental. You know, if there’s bad weather in Miami, get me to Tampa, get me a Hertz, I’m driving home, I’m gonna make it home. [00:40:56] Jay McBain: I’m not the 5:00 AM get me a hotel person. They would know that if they picked up the flights that I’ve taken in the past. Each of us are different. When you get access to the business data and you become ag agentic, everything changes. Every industry changes because of this around the customers. When you ask about this 35% growth, working on that data, working in traditional consulting and design and implementation, working in the $7 trillion of infrastructure, storage, compute, networking, that’s gonna be around, this is a massive opportunity. [00:41:30] Jay McBain: Services are gonna continue to outgrow products. Probably for the next five to 10 years because of this, and I’m gonna finish here. So we talked a lot about quantifying names, faces, places, and I think where we failed the most as ultimate partners is underneath the tam, which every one of our CEOs knows to the decimal point underneath the TAM that our board thinks they’re chasing. [00:41:59] Jay McBain: We’ve done a very poor job. Of talking about the available markets and obtainable markets underneath it, we, we’ve shown them theory. We’ve shown them a bunch of, you know, really smart stuff, and PowerPoint slides up the wazoo, but we’ve never quantified it for them. If they wanna win, if they want to get access, if they want to double their pipeline, triple their pipeline, if they wanna start winning more deals, if they wanna win deals that are three times larger, they close two times faster. [00:42:31] Jay McBain: And they renew 15% larger. They have to get into the available and obtainable markets. So just in the last couple weeks I spoke at Cribble, I spoke at Octane, I spoke at CrowdStrike Falcon. All three of those companies at the CEO level, main stage use those exact three numbers, three x, two x, 15%. That’s the language of platforms, and they’re investing millions and millions and millions of dollars on teams. [00:42:59] Jay McBain: To go build out the Sam Andal in name spaces and places. So you’ve heard me talk about these 28 moments a lot. They’re the ones that you spend when you buy a car. Some people spend one moment and they drive to the Cadillac dealership. ’cause Larry’s been, you know, taking care of the family for 50 years. [00:43:18] Jay McBain: Some people spend 50 moments like I do, watching every YouTube video and every, you know, thing on the internet. I clear the internet cover to cover. But the fact is, is every deal averages around these 28 moments. Your customer, there’s 13 members of the buying committee today. There’s seven partners and they’re buying seven things. [00:43:37] Jay McBain: There’s 27 things orchestrating inside these 28 moments. And where and how they all take place is a story of partnering. So a couple of years ago, canals. Latin for channel was acquired by amia, which is a part of Informa Tech Target, which is majority owned by Informa. All that being said, there’s hundreds of magazines that we have. [00:44:00] Jay McBain: There’s hundreds of events that we run. If somebody’s buying cybersecurity, they probably went to Black Hat or they probably went to GI Tech. One of these events we run, or one of the magazines. So we pick up these signals, these buyer intent signals as a company. Why did they wanna, um, buy a, uh, a Canals, which was a, you know, a small analyst firm around channels? [00:44:22] Jay McBain: They understood this as well. The 28 moments look a lot like this when marketers and salespeople are busy filling in the spots of every deal. And by the way, this is a real deal. AstraZeneca came in to spend millions of dollars on ASAP transformation, and you can start to see as the customer got smart. [00:44:45] Jay McBain: The eBooks, they read the podcasts, they listened to the events they went to. You start to see how this played out over the long term. But the thing we’ve never had in our industry is the light blue boxes. This deal was won and lost in December. In this particular case, NTT software won and Yash came in and sold the customer five projects. [00:45:07] Jay McBain: The millions of dollars that were going to be spent were solved here. The design and architecture work was all done here. A couple of ISVs You see in light blue came in right at the end, deal was closed in April. You see the six month cycle. But what if you could fill in every one of the 28 boxes in every single customer prospect that your sales and marketing team have? [00:45:30] Jay McBain: But here’s the brilliance of this. Those light blue boxes didn’t win the deals there. They won the deals months before that. So when NTT and Software one walked into this deal. They probably won the deal back in October and they had to go through the redlining. They had to go through the contracting, they had to go through all the stuff and the Gantt chart to get started. [00:45:54] Jay McBain: But while your CMO is getting all excited about somebody reading an ebook and triggering an MQL that the sales team doesn’t want, ’cause it’s not qualified, it’s not sales qualified, you walk in and say, no, no. This is a multimillion deal, dollar deal. It’s AstraZeneca. I know the five partners that are coming in in December to solidify the seven layers, and you’re walking in at the same time as the CMOs bragging about an ebook. [00:46:21] Jay McBain: This changes everything. If we could get to this level of data about every dollar of our tam, we not only outgrow our competitors, we become the platforms of the next generation. Partnering and ultimate partnering is all here. And this is what we’re doing in this room. This is what we’re doing over these couple of days, and this is what, uh, the mission that Vince is leading. [00:46:43] Jay McBain: Thank you so much. [00:46:47] Vince Menzione: Woo. Day in the house. Good to see you my friend. Good to see you. Oh, we’re gonna spend a couple minutes. Um, I’m put you in the second seat. We’re gonna put, we’re gonna make it sit fireside for a minute. Uh, that was intense. It was pretty incredible actually, Jay. And so I’m, I think I wanna open it up ’cause we only have a few minutes just to, any questions? [00:47:06] Vince Menzione: I’m sure people are just digesting. We already have one up here. See, [00:47:09] Question: Jay knows I’m [00:47:10] Vince Menzione: a question. I love it. We, I don’t think we have any I can grab a mic, a roving mic. I could be a roving mic person. Hold on. We can do this. This is not on. [00:47:25] Vince Menzione: Test, test. Yes it is. Yeah. [00:47:26] Question: Theresa Carriol dared me to ask a question and I say, you don’t have to dare me. You know, I’m going to Anyway. Um, so Jay, of the point of view that with all of the new AI players that strategic alliances is again having a moment, and I was curious your point of view on what you’re seeing around this emergence and trend of strategic alliances and strategic alliance management. [00:47:52] Question: As compared to channel management. And what are you seeing in terms of large vendors like AWS investing in that strategic alliance role versus that channel role training, enablement, measurement, all that good stuff? [00:48:06] Jay McBain: Yeah, it’s, it’s a great question. So when I told the story about toast at the restaurant or Square or Clover, they’re not call, they’re not gonna call open AI or Nvidia themselves either. [00:48:17] Jay McBain: When you look out at the 250,000 ISVs. That make up this AI stack, there is the layers that happen there. So the Alliance with AWS, the alliance they have with Microsoft or Google is going to be how they generate agent AI in their platforms. So when I talk about a seven layer stack, the average deal being seven layers, AI is gonna drive this to nine, and then 11, then probably 13. [00:48:44] Jay McBain: So in terms of how alliances work, I had it up there as one of the five core strategies, and I think it’s pretty even. You can have the best alliances in the world, but if the seven partners trusted by the customer don’t know what that alliance is and the benefits to the customer and never mention it, it’s all for Naugh. [00:49:00] Jay McBain: If you’re go-to market, you’re co-selling, your co-marketing strategies are not built around that alliance. It’s all for naught. If the integration and the co-innovation, the co-development, the all the co-creation work that’s done inside these alliances isn’t translated to customer outcomes, it’s all for naugh. [00:49:17] Jay McBain: These are all five parallel swim lanes. All five are absolutely critically needed. And I think they’re all five pretty equally weighted in terms of needing each other. Yes. To be successful in the era of platforms. Yeah. [00:49:32] Vince Menzione: And the problem is they’re all stove pipe today. If, if at all. Yeah. Maintained, right. [00:49:36] Vince Menzione: Alliances is an example. Channels and other example. They don’t talk to one another. Judge any, we’ve got a mic up here if anybody else has. Yep. We have some questions here, Jacqueline. [00:49:51] Question: So when we’re developing our channel programs, any advice on, you know, what’s the shift that we should make six months from now, a year from now? The historical has been bronze, silver, gold, right? And you’ve got your deal registration, but what’s the future look like? [00:50:05] Jay McBain: Yeah, so I mean, the programs are, are changing to, to the point where the customer should be in the middle and realizing the seven partners you need to win the deal. [00:50:15] Jay McBain: And depending on what category of product you’re in, security, how much you rely on resell, 91.6%. You know, the channel partners are gonna be critical where the customer spends the money. And if you’re adding friction to that process, you’re adding friction in terms of your growth. So you know, if you’re in cybersecurity, you have to have a pretty wide open reseller model. [00:50:39] Jay McBain: You have to have a wide open distribution model, and you have to make sure you’re there at that point of sale. While at the same time, considering the other six partners at moment 12 who are in either saying nice things about you or not, the customer might even be starting with you. ’cause there is actually one thing that I didn’t mention when I showed the 28 moments filled in. [00:51:00] Jay McBain: You’ll notice that the customer went to AWS twice direct. AWS lost the deal. Microsoft won the deal software. One is Microsoft’s biggest reseller in the world. They just acquired crayon. NTT who, who loves both had their Microsoft team go in. [00:51:18] Question: Mm. [00:51:19] Jay McBain: So I think that they went to AWS thinking it was A-W-S-S-A-P, you know, kind of starting this seven layer stack. [00:51:25] Jay McBain: I think they finished those, you know, critical moments in the middle looking at it. And then they went back to AWS kind of going probably WWTF. Yeah. What we thought was happening isn’t actually the outcome that was painted by our most trusted people. So, you know, to answer your question, listen to your partners. [00:51:43] Jay McBain: They want to be recognized for the other things they’re doing. You can’t be spending a hundred percent of the dollars at the point of sale. You gotta have a point of system that recognizes the point of sale, maybe even gold, silver, bronze, but recognizing that you’re paying for these other moments as well. [00:51:57] Jay McBain: Paying for alliances, paying for integrations and everything else, uh, in the cyber stack. And, um, you know, recognizing also the top 1000. So if I took your tam. And I overlaid those thousand logos. I would be walking into 2026 the best I could of showing my company logo by logo, where 80% of our TAM sits as wallet share, not by revenue. [00:52:25] Jay McBain: Remember, a million dollar partner is not a million dollar partner. One of them sells 1.2 million in our category. We should buy them a baseball cap and have ’em sit in the front row of our event. One of them sells $10 million and only sells our stuff if the customer asks. So my company should be looking at that $9 million opportunity and making sure my programs are writing the checks and my coverage. [00:52:48] Jay McBain: My capacity and capability planning is getting obsessed over that $9 million. My farmers can go over there, my hunters can go over here, and I should be submitting a list of a thousand sorted in descending order of opportunity. Of where my company can write program dollars into. [00:53:07] Vince Menzione: Great answer. All right. I, I do wanna be cognizant of time and the, all the other sessions we have. [00:53:14] Vince Menzione: So we’ll just take one other question if there are any here and if not, we’ll let I know. Jay, you’re gonna be mingling around for a little while before your flight. I’m [00:53:21] Jay McBain: here the whole day. [00:53:22] Vince Menzione: You, you’re the whole day. I see that Jay’s here the whole day. So if you have any other questions and, and, uh, sharing the deck is that. [00:53:29] Vince Menzione: Yep. Alright. We have permission to share the deck with the each of you as well. [00:53:34] Jay McBain: Alright, well thank you very much everyone. Jay. Great to have you.

Cybercrime Magazine met with Alex Zoldova, Board Member, Women In Cybersecurity at Microsoft when we were at Black Hat Europe 2025 in London. She spoke with us about the state of women in cybersecurity today, as well as the value of mentoring, the imperative to increase STEM education opportunities for young people, and more. Connect with Alex Zoldova on LinkedIn at https://www.linkedin.com/in/hacker-z-35aa92a7. For more of our media, and more coverage from Black Hat Europe 2025, visit our website at https://CybersecurityVentures.com.

Cybercrime Magazine has a new podcast series coming soon, brought to you by Mend.io, whose mission is to make application security frictionless for developers and scalable for security teams – without compromise. Deputy editor Amanda Glassner caught up with Amir Shahmiri, senior sales engineer, at Black Hat Europe 2025. This episode was brought to you by Mend.io. To learn more about our sponsor, visit their website at https://mend.io. For more of our media, visit our website at https://CybersecurityVentures.com.

Cybercrime Magazine was a media partner at Black Hat Europe 2025, marking a new chapter for our reporting. Conversations centered around familiar topics – including ransomware, artificial intelligence, and cloud security – but being on location in Europe, there was one unavoidable question: how do today's cybersecurity challenges look from a European perspective? For more of our media, and more coverage from Black Hat Europe 2025, visit our website at https://CybersecurityVentures.com.

As a media sponsor at Black Hat Europe 2025, Cybercrime Magazine caught up with leaders from across the cybersecurity sector, including Or Chen, co-founder and CPO at Clover Security. In this episode, Chen discussed the company's approach to reinventing product security, artificial intelligence, and more. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Cybercrime Magazine was a media partner at Black Hat Europe 2025, where we met with leaders from across the cybersecurity industry. Saransh Rawat is the Chief Technology Officer at TAC Security. In this episode, he joins host Amanda Glassner to discuss the company's presence at the London-based event. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Cybercrime Magazine was a media sponsor at Black Hat Europe, where we spoke with leaders from across the cybersecurity industry. We caught up with Suzy Pallett, president at Black Hat, as the event came to a close. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Cybercrime Magazine was a media partner at Black Hat Europe 2025, where we met with leaders from some of the industry's hottest companies, including Cracken. In this episode, host Amanda Glassner is joined by Artem Sorokin, CEO, to discuss the company's presence at the London-based event, Cracken's mission to weaponize defense, and more. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Cybercrime Magazine was a media partner at Black Hat Europe 2025, where we met with leaders from some of the industry's hottest companies, including PlexTrac. In this episode, host Amanda Glassner is joined by Daniel DeCloss, founder at PlexTrac, to discuss the company's presence at the London-based event and what's ahead in 2026. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Dick O'Brien is the principal intelligence analyst with Symantec and Carbon Black's threat hunter team. Cybercrime Magazine caught up with him at Black Hat Europe, where he spoke to us from the Broadcom booth, covering topics such as artificial intelligence, the future of cybercrime, and more. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Send us a textOur story, by author Gary Raisor, is perfect for this time of year. “The Old Black Hat” is a different take on a Christmas Icon. It's a delightful “what if “story that offers up some dark holiday humor. Not so humorous are some of the beasties that make their appearance around the world during winter. We'll look at a few.Very carefully...MusicFesliyan Studios: "Ghost," "Halloween" "Scary Music," Audio Jungle: "Halloween Waltzes" Jimmy Durante: "Frosty the Snowman"Narration: Robert BreaultPlease join us! Like and follow our Facebook page to become " patron of the Cemetery Hills Library, or (even better!)  jump on our Patreon page and become a VIP Patron.                         Mugs, tee-shirts and eternal thanks await you!                                                                  Patreon Page: https://www.patreon.com/user?u=61177769&fan_landing=trueWebpage: http://www.afterwordsparanormal.comFacebook: After Words Paranormal Podcast

Send us a textOur story, by author Gary Raisor, is perfect for this time of year. “The Old Black Hat” is a different take on a Christmas Icon. It's a delightful “what if “story that offers up some dark holiday humor. Not so humorous are some of the beasties that make their appearance around the world during winter. We'll look at a few.Very carefully...MusicFesliyan Studios: "Ghost," "Halloween" "Scary Music," Audio Jungle: "Halloween Waltzes" Jimmy Durante: "Frosty the Snowman"Narration: Robert BreaultPlease join us! Like and follow our Facebook page to become " patron of the Cemetery Hills Library, or (even better!)  jump on our Patreon page and become a VIP Patron.                         Mugs, tee-shirts and eternal thanks await you!                                                                  Patreon Page: https://www.patreon.com/user?u=61177769&fan_landing=trueWebpage: http://www.afterwordsparanormal.comFacebook: After Words Paranormal Podcast

Lucas Lundgren berättar hur han jobbar med organisationer och företag – han är en av Nordens mest erfarna och respekterade experter inom offensiv cybersäkerhet. Med över 30 års erfarenhet, och en resa som började vid 12 års ålder, har han identifierat kritiska sårbarheter i energisystem, transporter och globala företag såsom Microsoft, SAP och Amazon. Han har talat på Black Hat, DEF CON, RSA och Sec-T, och hans arbete finns till och med refererat i akademiska forskningsrapporter från Stanford University. Du hör honom i detta avsnitt av Palo Altos podcast För säkerhets skull. Detta är ett kommersiellt samarbete och inte en del av Di:s redaktionella innehåll.

Cybercrime Magazine was a media partner at Black Hat Europe 2025, where we met with leaders from some of the industry's hottest companies, including OX Security. In this episode, host Amanda Glassner is joined by Chris Lindsey, Field CTO at OX, to discuss the company's presence at the London-based event and his perspective on cybersecurity in Europe and across the globe. • For more on cybersecurity, visit us at https://cybersecurityventures.com

____________Guests:Suzy PallettPresident, Black Hat. Cybersecurity.On LinkedIn: https://www.linkedin.com/in/suzy-pallett-60710132/The Cybersecurity Community Finds Its Footing in Uncertain TimesThere is something almost paradoxical about the cybersecurity industry. It exists because of threats, yet it thrives on trust. It deals in technical complexity, yet its beating heart is fundamentally human: people gathering, sharing knowledge, and collectively deciding that defending each other matters more than protecting proprietary advantage.This tension—and this hope—was on full display at Black Hat Europe 2025 in London, which just wrapped up at the ExCel Centre with attendance growing more than 25 percent over last year. For Suzy Pallett, the newly appointed President of Black Hat, the numbers tell only part of the story."What I've found from this week is the knowledge sharing, the insights, the open source tools that we've shared, the demonstrations that have happened—they've been so instrumental," Pallett shared in a conversation with ITSPmagazine. "Cybersecurity is unlike any other industry I've ever been close to in the strength of that collaboration."Pallett took the helm in September after Steve Wylie stepped down following eleven years leading the brand through significant growth. Her background spans over two decades in global events, most recently with Money20/20, the fintech conference series. But she speaks of Black Hat not as a business to be managed but as a community to be served.The event itself reflected the year's dominant concerns. AI agents and supply chain vulnerabilities emerged as central themes, continuing conversations that dominated Black Hat USA in Las Vegas just months earlier. But Europe brought its own character. Keynotes ranged from Max Meets examining whether ransomware can actually be stopped, to Linus Neumann questioning whether compliance checklists might actually expose organizations to greater risk rather than protecting them."He was saying that the compliance checklists that we're all being stressed with are actually where the vulnerabilities lie," Pallett explained. "How can we work more collaboratively together so that it's not just a compliance checklist that we get?"This is the kind of question that sits at the intersection of technology and policy, technical reality and bureaucratic aspiration. It is also the kind of question that rarely gets asked in vendor halls but deserves space in our collective thinking.Joe Tidy, the BBC journalist behind the EvilCorp podcast, delivered a record-breaking keynote attendance on day two, signaling the growing appetite for cybersecurity stories that reach beyond the practitioner community into broader public consciousness. Louise Marie Harrell spoke on technical capacity and international accountability—a reminder that cyber threats respect no borders and neither can our responses.What makes Black Hat distinct, Pallett noted, is that the conversations happening on the business hall floor are not typical expo fare. "You have the product teams, you have the engineers, you have the developers on those stands, and it's still product conversations and technical conversations."Looking ahead, Pallett's priorities center on listening. Review boards, advisory boards, pastoral programs, scholarships—these are the mechanisms through which she intends to ensure Black Hat remains, in her words, "a platform for them and by them."The cybersecurity industry faces a peculiar burden. What used to happen in twelve years now happens in two days, as Pallett put it. The pace is exhausting. The threats keep evolving. The cat-and-mouse game shows no signs of ending.But perhaps that is precisely why events like this matter. Not because they offer solutions to every problem, but because they remind an industry under constant pressure that it is not alone in the fight. That collaboration is not weakness. That sharing knowledge freely is not naïve—it is strategic.Black Hat Europe 2025 may have ended, but the conversations it sparked will carry forward into 2026 and beyond.____________HOSTS:Sean Martin, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.marcociappelli.comCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to share an Event Briefing as part of our event coverage? Learn More

Once described on Reddit as “technically challenged”, Sarah is a Principal Security Advocate working at Microsoft. She has lived all over the place but currently calls Melbourne home.Sarah has been working in cyber security since before it was cool, has previously spoken at many security conferences including Black Hat and has co-authored a few Microsoft Press technical books. She is an active supporter of security communities across the globe and a co-host of the Microsoft Azure Security Podcast.Sarah spends most of her spare time gaming, taking part in Melbourne's official sport of brunching, taking high tea and spending a disproportionate amount of her income on her dogs.You can find Sarah on the following sites:WebsiteLinkedInGitHubBlueskyXPLEASE SUBSCRIBE TO THE PODCASTSpotifyApple PodcastsYouTube MusicAmazon MusicRSS FeedYou can check out more episodes of Coffee and Open Source on https://www.coffeeandopensource.comCoffee and Open Source is hosted by Isaac Levin

Boot up your PC's and access the mainframe with Mitchell, Luke and Vonn as we compare and take the piss out of two movies about hackers. For our "high" this week we're talking about Michael Mann's underrated globetrotting action thriller "Blackhat" starring Chris Hemsworth, Tang Wei, Viola Davis and Wang Leehom. Stay tuned for part 2 which will be all about the 1995 cult classic "Hackers". Get social with High & Low!Instagram @HighLowMovieShowThreads @ HighLowMovieShowJoin our Facebook Group The High & Low DungeonBuy Us a Coffee Twitter @HighLowMovieSho

A past guest, Caster Volor, returns to the show this year with a brand new album. Caster Volor with songs At Least We Still Got Our Rock and Roll, Hard R and Wear the Black Hat

Bloomberg Daybreak Weekend with Host Nathan Hager take a look at some of the stories we'll be tracking in the coming week. In the US – a look ahead to next week’s Fed decision and earnings from Oracle and Adobe. In the UK – a look ahead to the Blackhat cybersecurity conference. In Asia – a look ahead to China consumer and producer price data. See omnystudio.com/listener for privacy information.

Bloomberg Daybreak Weekend with Host Nathan Hager take a look at some of the stories we'll be tracking in the coming week. In the US – a look ahead to next week’s Fed decision and earnings from Oracle and Adobe. In the UK – a look ahead to the Blackhat cybersecurity conference. In Asia – a look ahead to China consumer and producer price data. See omnystudio.com/listener for privacy information.

Bloomberg Daybreak Weekend with Host Nathan Hager take a look at some of the stories we'll be tracking in the coming week. In the US – a look ahead to next week’s Fed decision and earnings from Oracle and Adobe. In the UK – a look ahead to the Blackhat cybersecurity conference. In Asia – a look ahead to China consumer and producer price data. See omnystudio.com/listener for privacy information.

Il a balancé +10 techniques black hat jamais partagées en public.Et je te promets : t'as jamais entendu ça ailleurs.Paul Grillet, fondateur de THot SEO, est venu balancer des secrets que même les plus gros consultants n'osent pas tester.Dans cet épisode EXCLUSIF, on parle de :

When you're first experience with a band is seeing a publicity photo of them and each member is wearing an oversized, paper mache mask for a head, you either run for the hills or start exploring more. At Roots Music Rambler, we dive in head first. That's the typical first impression one encounters when finding the Atlanta-based band Del Roscoe. Their new self-titled album came out this fall and the sonic and visual aesthetic the group presents is enough to rouse curiosity. The band calls itself a “gothic indie Americana band.” And the experience aligns with that description. Co-founder Robert Lee, the group's primary songwriter, and drummer Matt McKinney took time from their bowling night recently to dial in to Roots Music Rambler from the front of their car. We only point that out because it totally aligns with the experience of Del Roscoe, a band named after a pair of dogs: Del and Roscoe. We talked about how the band came together, the drivers behind the look and sound, the new album, and the political undertones of songs on the album like Black Hats. As one might expect, the conversation took some twists and turns and on a couple of occasions, nearly devolved into ridiculous. But all of it was a load of fun.  This episode might be one of the more entertaining we've had in a while. Plus, Frank and Falls share their pickin' the grinnin' choices for music recommendations, and talk about the new Waylon Jennings album Songbird.  Watch the Episode on YouTube Download the episode and subscribe at rootsmusicrambler.com, watch the full episode on YouTube, or download wherever you get your podcasts.  Also be sure to help spread the love of the show with Roots Music Rambler's new merch, now available at rootsmusicrambler.com/store. Authentic t-shirts, hats and stickers are now available.  Buckle up for The Hoe-Down and the Throw-Down! It's a new episode of Roots Music Rambler. Notes and links:  Waylon Jennings Songbird on Spotify Del Roscoe Online Del Roscoe on Spotify The Roots Music Rambler Store Roots Music Rambler on YouTube Roots Music Rambler on Instagram Roots Music Rambler on TikTok Roots Music Rambler on Facebook Jason Falls on Instagram Jason Falls on TikTok Francesca Folinazzo on Instagram Pickin' the Grinnin' Recommendations Cigarettes @ Sunset on Spotify Kelli Owens Hutton on Spotify Subscribe to Roots Music Rambler on YouTube, Spotify, Apple Podcasts, GoodPods or wherever you get your podcasts. Theme Music: Sheepskin & Beeswax by Genticorum; Copyright 2025 - Falls+Partners. All music on the program is licensed by ASCAP, BMI and SESAC. Roots Music Rambler is a member of the Americana Music Association. Learn more about your ad choices. Visit megaphone.fm/adchoices

Synopsis Dans cet épisode avec Julien Turcot de GoSecure, on revient sur le succès du concept « dépanneur » au Hackfest 2025 et l'énergie exceptionnelle de l'équipe de vente qui a même participé au CTF. La discussion explore ensuite les parallèles entre la sécurité de l'IA et les vulnérabilités classiques du web, rappelant que les problèmes d'injection se répètent à travers les nouvelles technologies. L'épisode se termine sur une note nostalgique avec la redécouverte de photos du Hackfest 2009, rappelant les débuts modestes de la communauté dans le sous-sol d'un hôtel. Invité Julien Turcot de GoSecure Crew Patrick Mathieu Shamelessplug GoSecure Join Hackfest/La French Connection Discord #La-French-Connection Join Hackfest us on Masodon POLAR - Québec - 29 Octobre 2026 Hackfest - Québec - 29-30-31 Octobre 2026 Crédits Montage audio par Hackfest Communication Music par Nibana – Earth From Above - Gods From The Machine Locaux virtuels par Streamyard

Unveiling the Double-Edged Sword of AI in Cybersecurity with Brian Black In this episode of Cybersecurity Today, host Jim Love interviews Brian Black, the head of security engineering at Deep Instinct and a former black hat hacker. Brian shares his journey into hacking from a young age, his transition to ethical hacking, and his experiences working with major companies. The discussion delves into the effectiveness of cybersecurity defenses against modern AI-driven attacks, the importance of understanding organizational data, and the challenges of maintaining robust security in the age of AI. Brian emphasizes the need for preemptive security measures and shares insights on the evolving threats posed by AI as well as the need for continuous education and adaptation in the cybersecurity field. 00:00 Introduction and Sponsor Message 00:21 Meet Brian Black: From Black Hat to Good Guy 00:55 Brian's Early Hacking Days 02:46 Transition to Ethical Hacking 04:11 Life in the Hacking Community 08:54 Advice for Aspiring Hackers and Parents 11:05 Corporate Career and Red Teaming 13:12 The Importance of Basics in Cybersecurity 21:41 Multifactor Authentication: The Good and the Bad 24:19 Challenges in Vendor Security Testing 27:41 Weaknesses in Cyber Defense 28:22 AI Speed vs Human Speed 28:37 AI in Cybersecurity Attacks 30:08 Dark AI Tools and Their Capabilities 32:54 AI Agents and Offensive Strategies 35:43 Challenges in Cybersecurity Defense 41:48 The Role of Red Teaming 42:46 Hiring the Right Red Team 46:59 Burnout in Cybersecurity 48:17 AI as a Double-Edged Sword 52:43 Deep Instinct's Approach to Security 53:58 Conclusion and Final Thoughts

Nightfall AI is pioneering AI-native data loss prevention (DLP) for enterprises navigating cloud, SaaS, and AI application proliferation. Founded in 2017 by former Uber engineers who witnessed data breaches firsthand, Nightfall addresses the architectural limitations and false positive problems plaguing legacy DLP solutions. By leveraging machine learning and large language models across three distinct layers—content classification, risk assessment, and forensic investigation—Nightfall delivers 10x accuracy improvements while enabling secure AI adoption. In this episode of Category Visionaries, I sat down with Rohan Sathe, Co-Founder & CEO of Nightfall AI, to explore their strategy for displacing entrenched incumbents and positioning as the security enabler for organizational AI deployment. Topics Discussed: Nightfall's founding thesis addressing DLP coverage gaps created by cloud and SaaS migration Three-layer AI architecture: content classification, behavioral risk analysis, and agent-assisted forensics Positioning against legacy DLP's rules-based approaches and exact data match workarounds Market education shift post-ChatGPT: from "don't use AI" to "enable AI securely" Purple brand differentiation strategy in security's dark-themed visual landscape Conference ROI reallocation: executive suite meetings versus booth presence at RSA and Black Hat Mid-market to enterprise expansion pattern through peer-to-peer word-of-mouth Founder-led LinkedIn strategy balancing market education with competitive displacement narratives Sales team composition: domain practitioners versus traditional sales profiles GTM Lessons For B2B Founders: Structure POVs to prove quantifiable superiority on one dimension: Rohan revealed Nightfall benchmarks against Google and Microsoft DLP APIs, demonstrating 10x accuracy improvements during proof-of-value cycles. When challenging mature categories, identify the single metric where you demonstrably outperform and architect evaluations to surface that gap. The key isn't claiming superiority—it's creating controlled comparisons where buyers verify it themselves. Deploy AI across three workflow layers, not as a monolithic feature: Nightfall applies AI distinctly at content classification (identifying sensitive data with high precision), behavioral analysis (distinguishing risky data movement from standard workflows), and investigation assistance (helping analysts focus forensic efforts). This creates compounding value and defensibility. Map where AI can reduce friction at multiple decision points in your customer's workflow rather than treating it as a single capability. Replace field marketing spend with curated CISO access: Nightfall redirected budget from RSA and Black Hat booths to private suites hosting scheduled executive meetings. Rohan emphasized engaging "chief information security officers who sign the checks" in intimate settings rather than booth traffic. For enterprise sales, calculate cost-per-meeting with economic buyers and reallocate spend accordingly. Design 8-person dinners as vendor-neutral industry forums: Nightfall hosts 3-4 annual dinners with 5-7 prospects and 2-3 team members (founders, head of product) structured around industry developments—like OpenAI's agent workflow builder and security implications—not product pitches. The format positions Nightfall as thought leaders while qualifying prospects through discussion quality. Agenda topics, not sales decks, drive conversion. Hire former practitioners into quota-carrying roles: Rohan identified hiring former DLP security operations analysts as account executives or solutions architects, mirroring trends in legal tech (hiring lawyers) and HR tech (hiring recruiters). For technical categories with sophisticated buyers, domain fluency in customer-facing roles outweighs traditional sales experience. This isn't solutions engineering—it's putting practitioners in quota-carrying positions. Use LinkedIn for two narratives: market education and competitive wins: Rohan posts thought leadership on DLP evolution and AI security implications alongside selective announcements of competitive displacements at enterprise AI companies and top 10 banks. He noted role postings also drive engagement, signaling growth momentum. The pattern: educate on category gaps, prove you're winning deals in those gaps, show team expansion. Avoid pure product promotion. Leverage AI adoption mandates as your demand generation engine: Post-ChatGPT, Rohan noted "board mandate and CEO mandate from every company to use as much AI as you can" created new security requirements. Nightfall shifted positioning from "prevent data loss" to "enable AI adoption securely." When macro shifts create executive-level mandates in your category, realign messaging around enabling that mandate rather than preventing its risks. Challenge category conventions through education, not assertion: Rather than simply claiming exact data match (EDM) is obsolete, Nightfall explains EDM emerged as a workaround for rules-based approaches' false positive problems—and ML eliminates the need for workarounds entirely. When displacing established practices, reveal why current solutions exist (what problem they patch) before explaining why your approach eliminates the underlying issue. //  Sponsors:  Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership. www.FrontLines.io The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe. www.GlobalTalent.co // Don't Miss: New Podcast Series — How I Hire Senior GTM leaders share the tactical hiring frameworks they use to build winning revenue teams. Hosted by Andy Mowat, who scaled 4 unicorns from $10M to $100M+ ARR and launched Whispered to help executives find their next role. Subscribe here: https://open.spotify.com/show/53yCHlPfLSMFimtv0riPyM

Send us a textEver wondered why PBNs still tempt smart SEOs? We pull back the curtain on private blog networks—how they're built on expired domains, why they deliver short bursts of rankings, and where the true costs and risks hide. From anchor text control and link velocity to detection patterns, manual actions, and painful clean-ups, we map the full lifecycle of a PBN so you can make informed choices about your link strategy.I share a straight-talking breakdown of link economics in 2025, including why links drive not just rankings but citations across AI search experiences. You'll hear the most common PBN footprints—off-topic content mixes, templated layouts, suspicious publishing cadence, and outbound link density—and get a practical process to vet any seller with a single test buy. If you're already entangled, we cover a triage plan: request removals, consolidate a precise disavow, refresh content to regain trust, and rebalance your efforts toward durable assets that earn mentions without violating guidelines.We also explore safer, compounding alternatives: data-led digital PR, niche expert features, resource page outreach, unlinked mention reclamation, and building tools or templates worth sharing. The goal is a credible link profile that stands up to updates and sets you up for long-term growth. If you care about resilience, reputation, and real authority, this guide will help you avoid fragile shortcuts and invest where it counts.If you find this useful, subscribe, share with a friend who's wrestling with link building, and leave a quick review—your support helps more marketers find the show.SEO Is Not That Hard is hosted by Edd Dawson and brought to you by KeywordsPeopleUse.com Help feed the algorithm and leave a review at ratethispodcast.com/seo You can get your free copy of my 101 Quick SEO Tips at: https://seotips.edddawson.com/101-quick-seo-tipsTo get a personal no-obligation demo of how KeywordsPeopleUse could help you boost your SEO and get a 7 day FREE trial of our Standard Plan book a demo with me nowSee Edd's personal site at edddawson.comAsk me a question and get on the show Click here to record a questionFind Edd on Linkedin, Bluesky & TwitterFind KeywordsPeopleUse on Twitter @kwds_ppl_use"Werq" Kevin MacLeod (incompetech.com)Licensed under Creative Commons: By Attribution 4.0 Licensehttp://creativecommons.org/licenses/by/4.0/

In this episode of the @Endace, Packet Forensic Files, Michael Morris chats with Steve Fink, CTO and CISO of Secure Yeti and architect of the SOCs for Black Hat, RSA Conference, and Cisco Live, for an in-depth look at building effective Security Operations Centers (SOCs). With 26 years of cybersecurity experience, Fink shares strategies for leveraging packet data, integrating AI for automation, fostering vendor collaboration, and ensuring scalability and resilience. This expert-led discussion is a must-watch for cybersecurity professionals who want to learn how to optimize threat detection and avoid data swamps .ABOUT ENDACE *****************Endace (https://www.endace.com) is a world leader in high-performance packet capture solutions for cybersecurity, network and application performance. EndaceProbes are deployed on some of the world's largest, fastest and most critical networks. EndaceProbe models are available for on-premise, private cloud and public cloud deployments - delivering complete hybrid cloud visibility from a single pane-of-glass.Endace's open EndaceProbe Analytics appliances (https://www.endace.com/endaceprobe) can be deployed in on-premise locations and can also host third-party security and performance monitoring solutions while simultaneously recording a 100% accurate history of network activity.CHAPTERS01:24 Why is your nickname 'Fink' and not Steve?02:17 What foundational, architectural principles are essential when designing a next-gen SOC?05:43 How do you approach scalability & modularity in NOC/SOC design to accommodate future growth?08:57 How have you evolved to integrate cloud native technology or hybrid environments into your SOC and what were the challenges?12:04 What role does packet data and centralized logging play in your SOC design and how do you ensure efficient data ingestion and retrieval?14:45 How do you architect SOC to support real time threat detection and response across geographically distributed global infrastructures?17:55 What strategies do you use for disaster recovery?20:35 How do you incorporate AI, ML and automation capabilities into your SOC architecture to enhance threat hunting?23:02 What are your best practices for integrating third-party tools?

Ever wondered how some apps skyrocket up the charts while you're still stuck optimizing screenshots?

S7EP1, Communicate Effectively with Christopher Hadnagy What if the same tools used by hackers could actually make us more compassionate, connected, and kind? In this eye-opening episode of Voices of Courage, host Ken D Foster sits down with Christopher Hadnagy — master hacker, author, and pioneer in the field of social engineering — to explore the powerful intersection between human behavior, communication, and ethics. Drawing from his bestselling book Human Hacking: Win Friends, Influence People, and Achieve Your Goals, Christopher reveals how empathy, generosity, and authenticity can be our most effective “human tools” in building trust and influence. He shares how understanding body language, tone, and subtle emotional cues can help us connect more deeply, communicate more effectively, and defend ourselves against manipulation. From training law enforcement agencies to speaking at global conferences like RSA and Black Hat, Christopher brings decades of experience to help us see how “hacking” human interaction—done ethically—can elevate relationships, leadership, and society itself. Discover how to use social engineering for good — to strengthen empathy, inspire change, and cultivate self-awareness in a world that needs genuine human connection more than ever. Learn more about Christopher Hadnagy and his work at www.humanhackingbook.com #VoicesOfCourage #KenDFoster #TheCourageNetwork #ChristopherHadnagy #HumanHacking #SocialEngineering #EthicalHacking #CyberPsychology #Empathy #CommunicationSkills #Influence #LeadershipDevelopment #EmotionalIntelligence #BehavioralScience #HumanConnection #AuthenticLeadership #PersonalGrowth #MindfulCommunication #Psychology #CybersecurityAwareness

Cybercrime Magazine is excited to announce that we'll be a media sponsor at Black Hat Europe 2025 taking place at ExCel London Dec. 8-11, 2025. In this episode, host Paul John Spaulding is joined by Steve Morgan, Founder of Cybersecurity Ventures and Editor-in-Chief at Cybercrime Magazine, to discuss. The Cybercrime Magazine Update airs weekly and covers the latest news, interviews, podcasts, reports, videos, and special productions from Cybercrime Magazine, published by Cybersecurity Ventures. For more on cybersecurity, visit us at https://cybersecurityventures.com

Segment 1: David Brauchler on AI attacks and stopping them David Brauchler says AI red teaming has proven that eliminating prompt injection is a lost cause. And many developers inadvertently introduce serious threat vectors into their applications – risks they must later eliminate before they become ingrained across application stacks. NCC Group's AI security team has surveyed dozens of AI applications, exploited their most common risks, and discovered a set of practical architectural patterns and input validation strategies that completely mitigate natural language injection attacks. David's talk aimed at helping security pros and developers understand how to design/test complex agentic systems and how to model trust flows in agentic environments. He also provided information about what architectural decisions can mitigate prompt injection and other model manipulation risks, even when AI systems are exposed to untrusted sources of data. More about David's Black Hat talk: Video of the talk and accompanying slides: https://www.nccgroup.com/research-blog/when-guardrails-arent-enough-reinventing-agentic-ai-security-with-architectural-controls/ Talk abstract: https://www.blackhat.com/us-25/briefings/schedule/#when-guardrails-arent-enough-reinventing-agentic-ai-security-with-architectural-controls-46112 Slide presentation only: https://i.blackhat.com/BH-USA-25/Presentations/USA-25-Brauchler-When-Guardrails-Arent-Enough.pdf Additional blogs by David about AI security: Analyzing Secure AI Architectures: https://www.nccgroup.com/research-blog/analyzing-secure-ai-architectures/ Analyzing Secure AI Design Principles: https://www.nccgroup.com/research-blog/analyzing-secure-ai-design-principles/ Analyzing AI Application Threat Models: https://www.nccgroup.com/research-blog/analyzing-ai-application-threat-models/ Building Security‑First AI Applications: A Best Practices Guide for CISOs: https://www.nccgroup.com/building-security-first-ai-applications-a-best-practices-guide-for-cisos/ Building Trust by Design for Secure AI Applications: Tips for CISOs: https://www.nccgroup.com/building-trust-by-design-for-secure-ai-applications-tips-for-cisos/ AI and Cyber Security: New Vulnerabilities CISOs Must Address: https://www.nccgroup.com/ai-and-cyber-security-new-vulnerabilities-cisos-must-address/ Segment 2: Should we replace the CIA triad? An op-ed on CSO Online made us think - should we consider the CIA triad 'dead' and replace it? We discuss the value and longevity of security frameworks, as well as the author's proposed replacement. Segment 3: The Weekly Enterprise News Finally, in the enterprise security news, Slow week for funding, older companies raising via debt financing A useful AI framework from the Cloud Security Alliance two interesting essays, one of which is wrong Folks are out here blasting unencrypted data to and from Satellites, while anyone can sniff and capture it getting hacked during a job interview LLM poisoning is far easier than previously thought F5 got breached Be careful when patching your Jeep ('s software) All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-429

Segment 1: David Brauchler on AI attacks and stopping them David Brauchler says AI red teaming has proven that eliminating prompt injection is a lost cause. And many developers inadvertently introduce serious threat vectors into their applications – risks they must later eliminate before they become ingrained across application stacks. NCC Group's AI security team has surveyed dozens of AI applications, exploited their most common risks, and discovered a set of practical architectural patterns and input validation strategies that completely mitigate natural language injection attacks. David's talk aimed at helping security pros and developers understand how to design/test complex agentic systems and how to model trust flows in agentic environments. He also provided information about what architectural decisions can mitigate prompt injection and other model manipulation risks, even when AI systems are exposed to untrusted sources of data. More about David's Black Hat talk: Video of the talk and accompanying slides: https://www.nccgroup.com/research-blog/when-guardrails-arent-enough-reinventing-agentic-ai-security-with-architectural-controls/ Talk abstract: https://www.blackhat.com/us-25/briefings/schedule/#when-guardrails-arent-enough-reinventing-agentic-ai-security-with-architectural-controls-46112 Slide presentation only: https://i.blackhat.com/BH-USA-25/Presentations/USA-25-Brauchler-When-Guardrails-Arent-Enough.pdf Additional blogs by David about AI security: Analyzing Secure AI Architectures: https://www.nccgroup.com/research-blog/analyzing-secure-ai-architectures/ Analyzing Secure AI Design Principles: https://www.nccgroup.com/research-blog/analyzing-secure-ai-design-principles/ Analyzing AI Application Threat Models: https://www.nccgroup.com/research-blog/analyzing-ai-application-threat-models/ Building Security‑First AI Applications: A Best Practices Guide for CISOs: https://www.nccgroup.com/building-security-first-ai-applications-a-best-practices-guide-for-cisos/ Building Trust by Design for Secure AI Applications: Tips for CISOs: https://www.nccgroup.com/building-trust-by-design-for-secure-ai-applications-tips-for-cisos/ AI and Cyber Security: New Vulnerabilities CISOs Must Address: https://www.nccgroup.com/ai-and-cyber-security-new-vulnerabilities-cisos-must-address/ Segment 2: Should we replace the CIA triad? An op-ed on CSO Online made us think - should we consider the CIA triad 'dead' and replace it? We discuss the value and longevity of security frameworks, as well as the author's proposed replacement. Segment 3: The Weekly Enterprise News Finally, in the enterprise security news, Slow week for funding, older companies raising via debt financing A useful AI framework from the Cloud Security Alliance two interesting essays, one of which is wrong Folks are out here blasting unencrypted data to and from Satellites, while anyone can sniff and capture it getting hacked during a job interview LLM poisoning is far easier than previously thought F5 got breached Be careful when patching your Jeep ('s software) All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-429

Segment 1: David Brauchler on AI attacks and stopping them David Brauchler says AI red teaming has proven that eliminating prompt injection is a lost cause. And many developers inadvertently introduce serious threat vectors into their applications – risks they must later eliminate before they become ingrained across application stacks. NCC Group's AI security team has surveyed dozens of AI applications, exploited their most common risks, and discovered a set of practical architectural patterns and input validation strategies that completely mitigate natural language injection attacks. David's talk aimed at helping security pros and developers understand how to design/test complex agentic systems and how to model trust flows in agentic environments. He also provided information about what architectural decisions can mitigate prompt injection and other model manipulation risks, even when AI systems are exposed to untrusted sources of data. More about David's Black Hat talk: Video of the talk and accompanying slides: https://www.nccgroup.com/research-blog/when-guardrails-arent-enough-reinventing-agentic-ai-security-with-architectural-controls/ Talk abstract: https://www.blackhat.com/us-25/briefings/schedule/#when-guardrails-arent-enough-reinventing-agentic-ai-security-with-architectural-controls-46112 Slide presentation only: https://i.blackhat.com/BH-USA-25/Presentations/USA-25-Brauchler-When-Guardrails-Arent-Enough.pdf Additional blogs by David about AI security: Analyzing Secure AI Architectures: https://www.nccgroup.com/research-blog/analyzing-secure-ai-architectures/ Analyzing Secure AI Design Principles: https://www.nccgroup.com/research-blog/analyzing-secure-ai-design-principles/ Analyzing AI Application Threat Models: https://www.nccgroup.com/research-blog/analyzing-ai-application-threat-models/ Building Security‑First AI Applications: A Best Practices Guide for CISOs: https://www.nccgroup.com/building-security-first-ai-applications-a-best-practices-guide-for-cisos/ Building Trust by Design for Secure AI Applications: Tips for CISOs: https://www.nccgroup.com/building-trust-by-design-for-secure-ai-applications-tips-for-cisos/ AI and Cyber Security: New Vulnerabilities CISOs Must Address: https://www.nccgroup.com/ai-and-cyber-security-new-vulnerabilities-cisos-must-address/ Segment 2: Should we replace the CIA triad? An op-ed on CSO Online made us think - should we consider the CIA triad 'dead' and replace it? We discuss the value and longevity of security frameworks, as well as the author's proposed replacement. Segment 3: The Weekly Enterprise News Finally, in the enterprise security news, Slow week for funding, older companies raising via debt financing A useful AI framework from the Cloud Security Alliance two interesting essays, one of which is wrong Folks are out here blasting unencrypted data to and from Satellites, while anyone can sniff and capture it getting hacked during a job interview LLM poisoning is far easier than previously thought F5 got breached Be careful when patching your Jeep ('s software) All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-429

Suzy Pallett is the President at Black Hat. In this episode, she joins host Amanda Glassner to discuss her new position, the conference's storied history in the cybersecurity community, and more, including some upcoming events including Black Hat Middle East and Black Hat Europe. • For more on cybersecurity, visit us at https://cybersecurityventures.com/

While the N2K team is observing Indigenous Peoples' Day, we thought you'd enjoy this episode of the Threat Vector podcast from our N2K Cyberwire network partner, Palo Alto Networks. New episodes of Threat Vector release each Thursday. We hope you will explore their catalog and subscribe to the show. Join David Moulton, Senior Director of Thought Leadership for Unit 42, as he sits down with Kyle Wilhoit,Technical Director of Threat Research at Unit 42, for an intimate conversation about the evolution of hacker culture and cybersecurity. From picking up 2600: The Hacker Quarterly magazines at Barnes & Noble and building beige boxes to leading threat research at Palo Alto Networks, Kyle shares his personal journey into the security community. This conversation explores how AI and automation are lowering barriers for attackers, the professionalization of cybersecurity, and what's been lost and gained in the industry's maturation. Kyle offers practical advice for newcomers who don't fit the traditional mold, emphasizing the importance of curiosity, soft skills, and intellectual humility.  Kyle Wilhoit is a seasoned cybersecurity researcher, with more than 15 years of experience studying cybercrime and nation-state threats. He's a frequent speaker at global conferences like Black Hat, FIRST, and SecTor, and has authored two industry-respected books: Hacking Exposed Industrial Control Systems and Operationalizing Threat Intelligence. As a long-standing member of the Black Hat US Review Board and an adjunct instructor, Kyle is deeply involved in shaping both cutting-edge research and the next generation of cybersecurity professionals. Connect with Kyle on LinkedIn Previous appearances on Threat Vector:  Inside DeepSeek's Security Flaws (Mar 31, 2025) https://www.paloaltonetworks.com/resources/podcasts/threat-vector-inside-deepseeks-security-flaws War Room Best Practices (Nov 07, 2024)https://www.paloaltonetworks.com/resources/podcasts/threat-vector-war-room-best-practices  Cybersecurity in the AI Era: Insights from Unit 42's Kyle Wilhoit, Director of Threat Research (Jan 11, 2024)https://www.paloaltonetworks.com/resources/podcasts/threat-vector-cybersecurity-in-the-ai-era-insights-from-unit-42s-kyle-wilhoit-director-of-threat-research  Learn more about Unit 42's threat research at https://unit42.paloaltonetworks.com/.  Related episodes: For more conversations about AI's impact on cybersecurity, career development in security, and insights from Unit 42 researchers, explore past episodes at https://www.paloaltonetworks.com/podcasts/threat-vector. Join the conversation on our social media channels: Website: http://www.paloaltonetworks.com/ Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠ Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/palo-alto-networks/ YouTube: ⁠⁠⁠⁠@paloaltonetworks Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠ About Threat Vector Threat Vector, Palo Alto Networks podcast, is your premier destination for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠http://paloaltonetworks.com⁠ Learn more about your ad choices. Visit megaphone.fm/adchoices

Mark, Lawrence, Sarahlyn, and Al watched Spinal Tap and its new sequel, and we throw these into a mix with K-Pop Demon Hunters and other films and shows involving made-for-TV (and film) bands, including We Are Lady Parts, That Thing You Do, Fear of a Black Hat, CB4, Atlanta, The Blues Brothers, The Commitments, Almost Famous, The Rutles, and The Monkees. Get an ad-free experience, plus bonus talking for this and nearly every episode at patreon.com/prettymuchpop for only the tiniest per-month financial pledge, or you can sign up directly with Apple Podcasts for a subscription for ad-free and bonus material for three of Mark's podcasts together on the Mark Lintertainment Podcasts Channel. Sponsors: Get 50% off Claude AI Pro at Claude.ai/pmp. Get 15% off an annual membership at MasterClass.com/PRETTY.

During his keynote at SecTor 2025, HD Moore, founder and CEO of runZero and widely recognized for creating Metasploit, invites the cybersecurity community to rethink the foundational “rules” we continue to follow—often without question. In conversation with Sean Martin and Marco Ciappelli for ITSPmagazine's on-location event coverage, Moore breaks down where our security doctrines came from, why some became obsolete, and which ones still hold water.One standout example? The rule to “change your passwords every 30 days.” Moore explains how this outdated guidance—rooted in assumptions from the early 2000s when password sharing was rampant—led to predictable patterns and frustrated users. Today, the advice has flipped: focus on strong, unique passwords per service, stored securely via password managers.But this keynote isn't just about passwords. Moore uses this lens to explore how many security “truths” were formed in response to technical limitations or outdated behaviors—things like shared network trust, brittle segmentation, and fragile authentication models. As technology matures, so too should the rules. Enter passkeys, hardware tokens, and enclave-based authentication. These aren't just new tools—they're a fundamental shift in where and how we anchor trust.Moore also calls out an uncomfortable truth: the very products we rely on to protect our systems—firewalls, endpoint managers, and security appliances—are now among the top vectors for breach, per Mandiant's latest report. That revelation struck a chord with conference attendees, who appreciated Moore's willingness to speak plainly about systemic security debt.He also discusses the inescapable vulnerabilities in AI agent flows, likening prompt injection attacks to the early days of cross-site scripting. The tech itself invites risk, he warns, and we'll need new frameworks—not just tweaks to old ones—to manage what comes next.This conversation is a must-listen for anyone questioning whether our security playbooks are still fit for purpose—or simply carried forward by habit.___________GUEST:HD Moore, Founder and CEO of RunZero | On Linkedin: https://www.linkedin.com/in/hdmoore/HOSTS:Sean Martin, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.marcociappelli.comRESOURCES:Keynote: The Once and Future Rules of Cybersecurity: https://www.blackhat.com/sector/2025/briefings/schedule/#keynote-the-once-and-future-rules-of-cybersecurity-49596Learn more and catch more stories from our SecTor 2025 coverage: https://www.itspmagazine.com/cybersecurity-technology-society-events/sector-cybersecurity-conference-toronto-2025Mandiant M-Trends Breach Report: https://cloud.google.com/blog/topics/threat-intelligence/m-trends-2025/OPM Data Breach Summary: https://oversight.house.gov/report/opm-data-breach-government-jeopardized-national-security-generation/Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to share an Event Briefing as part of our event coverage? Learn More

Send us a textDavid Brockler, AI security researcher at NCC Group, explores the rapidly evolving landscape of AI security and the fundamental challenges posed by integrating Large Language Models into applications. We discuss how traditional security approaches fail when dealing with AI components that dynamically change their trustworthiness based on input data.• LLMs present unique security challenges beyond prompt injection or generating harmful content• Traditional security models focusing on component-based permissions don't work with AI systems• "Source-sink chains" are key vulnerability points where attackers can manipulate AI behavior• Real-world examples include data exfiltration through markdown image rendering in AI interfaces• Security "guardrails" are insufficient first-order controls for protecting AI systems• The education gap between security professionals and actual AI threats is substantial• Organizations must shift from component-based security to data flow security when implementing AI• Development teams need to ensure high-trust AI systems only operate with trusted dataWatch for NCC Group's upcoming release of David's Black Hat presentation on new security fundamentals for AI and ML systems. Connect with David on LinkedIn (David Brockler III) or visit the NCC Group research blog at research.nccgroup.com.Support the showFollow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcast

When we talk about AI at cybersecurity conferences these days, one term is impossible to ignore: agentic AI. But behind the excitement around AI-driven productivity and autonomous workflows lies an unresolved—and increasingly urgent—security issue: identity.In this episode, Sean Martin and Marco Ciappelli speak with Cristin Flynn Goodwin, keynote speaker at SecTor 2025, about the intersection of AI agents, identity management, and legal risk. Drawing from decades at the center of major security incidents—most recently as the head cybersecurity lawyer at Microsoft—Cristin frames today's AI hype within a longstanding identity crisis that organizations still haven't solved.Why It Matters NowAgentic AI changes the game. AI agents can act independently, replicate themselves, and disappear in seconds. That's great for automation—but terrifying for risk teams. Cristin flags the pressing need to identify and authenticate these ephemeral agents. Should they be digitally signed? Should there be a new standard body managing agent identities? Right now, we don't know.Meanwhile, attackers are already adapting. AI tools are being used to create flawless phishing emails, spoofed banking agents, and convincing digital personas. Add that to the fact that many consumers and companies still haven't implemented strong MFA, and the risk multiplier becomes clear.The Legal ViewFrom a legal standpoint, Cristin emphasizes how regulations like New York's DFS Cybersecurity Regulation are putting pressure on CISOs to tighten IAM controls. But what about individuals? “It's an unfair fight,” she says—no consumer can outpace a nation-state attacker armed with AI tooling.This keynote preview also calls attention to shadow AI agents: tools employees may create outside the control of IT or security. As Cristin warns, they could become “offensive digital insiders”—another dimension of the insider threat amplified by AI.Looking AheadThis is a must-listen episode for CISOs, security architects, policymakers, and anyone thinking about AI safety and digital trust. From the potential need for real-time, verifiable agent credentials to the looming collision of agentic AI with quantum computing, this conversation kicks off SecTor 2025 with urgency and clarity.Catch the full episode now, and don't miss Cristin's keynote on October 1.___________Guest:Cristin Flynn Goodwin, Senior Consultant, Good Harbor Security Risk Management | On LinkedIn: https://www.linkedin.com/in/cristin-flynn-goodwin-24359b4/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcweb___________ResourcesKeynote: Agentic AI and Identity: The Biggest Problem We're Not Solving: https://www.blackhat.com/sector/2025/briefings/schedule/#keynote-agentic-ai-and-identity-the-biggest-problem-were-not-solving-49591Learn more and catch more stories from our SecTor 2025 coverage: https://www.itspmagazine.com/cybersecurity-technology-society-events/sector-cybersecurity-conference-toronto-2025New York Department of Financial Services Cybersecurity Regulation: https://www.dfs.ny.gov/industry_guidance/cybersecurityGood Harbor Security Risk Management (Richard Clarke's firm): https://www.goodharbor.net/Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to share an Event Briefing as part of our event coverage? Learn More

Monster trucks, skeletons, and a CMO who doesn't think about cost analysis very often. In this in-studio conversation, Torq CMO Don Jeter breaks down how brand-led world-building beats feature dumps, why entertainment now matters more than information on the trade show floor, and how a Monster Jam partnership and an episodic LinkedIn “junior intern” series created real pipeline by earning mental real estate long before buyers are in-market. We get into the 60-day rebrand sprints, showing up at Black Hat, aligning sales and product so bold creative actually converts, measuring what matters when attribution gets fuzzy, and using AI for brainstorming without shipping “AI slop.” Stick around to the lightning round where Don reveals his $10M marketing moonshot and the sacred marketing belief he thinks won't age well. If you care about brand, demand, and breaking B2B sameness, watch through to the end and then queue it up on audio for the commute. Key Moments: 00:00: Brand > Features: Cold Open02:09: Rebrand to Stand Out (Not Blend In)03:53: Trade Show Strategy + Monster Jam Booth07:31: World-Building for B2B Brands10:02: Episodic LinkedIn: Meet “Intern Trevor”13:18: Do Bold Stunts Actually Drive Revenue?20:16: Brand x Product x Sales: Tight Alignment30:04: Polarizing on Purpose: Handling the Haters34:30: Collabs, Culture & Consistency (Beyond F1)38:52: AI for Ideas, Humans for Taste45:00: Hiring Creatives + Technical PMM Muscle48:03 Lightning Round (Super Bowl Ads, Hot Takes & More)  Mission.org is a media studio producing content alongside world-class clients. Learn more at mission.org. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In the leadership and communications segment, Lack of board access: The No. 1 factor for CISO dissatisfaction, Pressure on CISOs to stay silent about security incidents growing, The Secret to Building a High-Performing Team, and more! Jackie McGuire sits down with Chuck Randolph, SVP of Strategic Intelligence & Security at 360 Privacy, for a gripping conversation about the evolution of executive protection in the digital age. With over 30 years of experience, Chuck shares how targeted violence has shifted from physical threats to online ideation—and why it now starts with a click. From PII abuse to unregulated data brokers, generative AI manipulation, and real-world convergence of cyber and physical risks—this is a must-watch for CISOs, CSOs, CEOs, and anyone navigating modern threat landscapes. Hear real-world examples, including shocking stories of doxxing, AI-fueled radicalization, and the hidden dangers of digital exhaust. Whether you're in cyber, physical security, or executive leadership, this interview lays out the urgent need for converged risk strategies, narrative control, and a new approach to duty of care in a remote-first world. Learn what every security leader needs to do now to protect key personnel, prevent exploitation, and build a unified, proactive risk posture. This segment is sponsored by 360 Privacy. Learn how to integrate privacy and protective intelligence to get ahead of the next threat vector at https://securityweekly.com/360privacybh! In this exclusive Black Hat 2025 interview, CyberRisk TV host Matt Alderman sits down with Tom Pore, AVP of Sales Engineering at Pentera, to dive into the rapidly evolving world of AI-driven cyberattacks. What's happening? Attackers are already using AI and LLMs to launch thousands of attacks per second—targeting modern web apps, exploiting PII, and bypassing traditional testing methods. Tom explains how automated AI payload generation, context-aware red teaming, and language/system-aware attack modeling are reshaping the security landscape. The twist? Pentera flips the script by empowering security teams to think like an attacker—using continuous, AI-powered penetration testing to uncover hidden risks before threat actors do. This includes finding hardcoded credentials, leveraging leaked identities, and pivoting across systems just like real adversaries. To learn more about Pentera's proactive Ransomware testing please visit: https://securityweekly.com/penterabh Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-413

Segment 1 - Interview with Jeff Pollard Introducing Forrester's AEGIS Framework: Agentic AI Enterprise Guardrails For Information Security For this episode's interview, we're talking to Forrester analyst Jeff Pollard. I'm pulling this segment's description directly from the report's executive summary, which I think says it best: As AI agents and agentic AI are introduced to the enterprise, they present new challenges for CISOs. Traditional cybersecurity architectures were designed for organizations built around people. Agentic AI destroys that notion. In the near future, organizations will build for goal-oriented, ephemeral, scalable, dynamic agents where unpredictable emergent behaviors are incentivized to accomplish objectives. This change won't be as simple or as straightforward as mobile and cloud — and that's bad news for security leaders who in some cases still find themselves challenged by cloud security. Segment 2 - Weekly News Then, in the enterprise security news, there's funding and acquisitions, but we're not going to talk about them AI's gonna call the cops on you and everyone's losing money on it and Anthropic agreed to pay for all the copyright infringement they did when training models and Otter.ai got sued for recording millions of conversations without consent Burger King got embarrassed and their lawyers didn't like it NPM package mayhem certificate authority hijinks AI darwin awards All that and more, on this episode of Enterprise Security Weekly. Segment 3 - Executive Interviews from Black Hat 2025 Interview with Rohit Dhamankar from Fortra Live from Black Hat 2025 in Las Vegas, Matt Alderman sits down with Rohit Dhamankar, VP of Product Strategy at Fortra, to dive deep into the evolving world of offensive security. From red teaming and pen testing to the rise of AI-powered threat simulation and continuous penetration testing, this conversation is a must-watch for CISOs, security architects, and compliance pros navigating today's dynamic threat landscape. Learn why regulatory bodies worldwide are now embedding offensive security requirements into frameworks like PCI DSS 4.0, and how organizations can adopt scalable strategies—even with limited red team resources. Rohit breaks down the nuances of purple teaming, AI-assisted red teaming, and the role of BAS platforms in enhancing defense postures. Whether you're building in-house capabilities or leveraging external partners, this interview reveals key insights on security maturity, strategic outsourcing, and the future of cyber offense and defense convergence. This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrabh to learn more! Interview with Michael Leland from Island At BlackHat 2025 in Las Vegas, Matt Alderman sits down with Michael Leland, VP Field CTO at Island, to tackle one of cybersecurity's most urgent realities: compromised credentials aren't a possibility — they're a guarantee. From deepfakes to phishing and malicious browser plug-ins, attackers aren't “breaking in” anymore… they're logging in. Michael reveals how organizations can protect stolen credentials from being used, why the browser is now the second weakest link in enterprise security, and how Island's enterprise browser can enforce multi-factor authentication at critical moments, block unsanctioned logins in real time, and control risky extensions with live risk scoring of 230,000+ Chrome plug-ins. Key takeaways: Why credential compromise is inevitable — and how to stop credential use How presentation layer DLP prevents data leaks inside and outside apps Real-time blocking of phishing logins and unsanctioned SaaS access Plug-in risk scoring, version pinning, and selective extension control Enabling BYOD securely — even after a catastrophic laptop loss Why many users never go back to Chrome, Edge, or Safari after switching Segment Resources: https://www.island.io/blog/how-the-enterprise-browser-neutralizes-the-risks-of-compromised-credentials This segment is sponsored by Island. Visit https://securityweekly.com/islandbh to learn more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-424

With volatility now the norm, security and risk leaders need practical guidance on managing existing spending and new budgetary necessities. Where should they look? Jess Burn, Principal Analyst at Forrester Research, joins Business Security Weekly to discuss Forrester's Budget Planning Guide 2026: Security And Risk. This data-and-insights-driven report provides spending benchmarks and recommendations that will help you budget for an unpredictable near term while enabling the business and mitigating the most critical risks facing your organization. If you're preparing your 2026 budgets, don't miss this interview where you'll learn where to invest, divest, and experiment. From the buzzing floors of BlackHat 2025 in Las Vegas, CyberRisk TV brings you an exclusive sit-down with Danny Jenkins, CEO & Co-Founder of ThreatLocker. In this high-energy interview, host Doug White dives deep into the real-world challenges of FedRAMP compliance, the million-dollar prep lessons, and the critical importance of secure configurations. Danny shares unfiltered insights into Defense Against Misconfigurations — ThreatLocker's new approach that helps organizations lock down endpoints, enforce application control, and spot hidden risks before attackers do. From Russian-made 7Zip to Chinese coupon clippers lurking in browsers, the conversation reveals shocking examples of threats hiding in plain sight. Whether you're a cybersecurity pro, IT leader, or compliance specialist, this interview offers a rare, behind-the-scenes look at the pain, process, and payoff of operating at the highest security standards in the industry. Segment Resources: https://threatlocker.com/platform/defense-against-configuration?utmsource=cyberriskalliance&utmmedium=sponsor&utmcampaign=blackhat25q325&utmcontent=blackhat25&utm_term=podcast This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerbh to learn more about them! Live from the CyberRisk TV studio at Black Hat 2025 in Las Vegas, host Matt Alderman sits down with Matt Muller, Field CISO at Tines, for a deep-dive into how Security Operations Centers must evolve. From blowing up the outdated tier system to empowering junior analysts with AI, this conversation uncovers the real strategies driving next-gen cyber defense. Muller explains why traditional SOC models create burnout, how AI can flatten team structures, and why measuring the right metrics—like Mean Time to Detect—is critical for success. They tackle the balance of human + AI orchestration, the security challenges of non-human identities, and how to rethink access controls for a machine-augmented future. If you care about SOC transformation, AI-driven security workflows, and cyber resilience at scale, this is the conversation you can't afford to miss. Watch until the end for practical insights you can start applying today in your own security operations. This segment is sponsored by Tines. Visit https://securityweekly.com/tinesbh to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-412

Up first, the ASW news of the week. At Black Hat 2025, Doug White interviews Ted Shorter, CTO of Keyfactor, about the quantum revolution already knocking on cybersecurity's door. They discuss the terrifying reality of quantum computing's power to break RSA and ECC encryption—the very foundations of modern digital life. With 2030 set as the deadline for transitioning away from legacy crypto, organizations face a race against time. Ted breaks down what "full crypto visibility" really means, why it's crucial to map your cryptographic assets now, and how legacy tech—from robotic sawmills to outdated hospital gear—poses serious risks. The interview explores NIST's new post-quantum algorithms, global readiness efforts, and how Keyfactor's acquisitions of InfoSec Global and Cipher Insights help companies start the quantum transition today—not tomorrow. Don't wait for the breach. Watch this and start your quantum strategy now. If digital trust is the goal, cryptography is the foundation. Segment Resources: http://www.keyfactor.com/digital-trust-digest-quantum-readiness https://www.keyfactor.com/press-releases/keyfactor-acquires-infosec-global-and-cipherinsights/ For more information about Keyfactor's latest Digital Trust Digest, please visit: https://securityweekly.com/keyfactorbh Live from BlackHat 2025 in Las Vegas, cybersecurity host Jackie McGuire sits down with Seemant Sehgal, founder of BreachLock, to unpack one of the most pressing challenges facing SOC teams today: alert fatigue—and its even more dangerous cousin, vulnerability fatigue. In this must-watch conversation, Seemant reveals how his groundbreaking approach, Adversarial Exposure Validation (AEV), flips the script on traditional defense-heavy security strategies. Instead of drowning in 10,000+ “critical” alerts, AEV pinpoints what actually matters—using Generative AI to map realistic attack paths, visualize kill chains, and identify the exact vulnerabilities that put an organization's crown jewels at risk. From his days leading cybersecurity at a major global bank to pioneering near real-time CVE validation, Seemant shares insights on scaling offensive security, improving executive buy-in, and balancing automation with human expertise. Whether you're a CISO, SOC analyst, red teamer, or security enthusiast, this interview delivers actionable strategies to fight fatigue, prioritize risks, and protect high-value assets. Key topics covered: - The truth about alert fatigue & why it's crippling SOC efficiency - How AI-driven offensive security changes the game - Visualizing kill chains to drive faster remediation - Why fixing “what matters” beats fixing “everything” - The future of AI trust, transparency, and control in cybersecurity Watch now to discover how BreachLock is redefining offensive security for the AI era. Segment Resources: https://www.breachlock.com/products/adversarial-exposure-validation/ This segment is sponsored by Breachlock. Visit https://securityweekly.com/breachlockbh to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-347

This week, Ron Steslow and Hagar Chemali (Fmr. spokesperson for the U.S. Mission to the UN) discuss information warfare and the biased reporting about Israel ahead of their ground offensive in Gaza City.    Then, the backlash against parties in power in Europe and why Americans need to care about it. In Politicology+ they discuss China's military parade, the meetings between the leaders of China, Russia, and India and why it matters so much right now. Not yet a Politicology+ member? Don't miss all the extra episodes on the private, ad-free version of this podcast. Upgrade now at politicology.com/plus. Contribute to Politicology at politicology.com/donate Find our sponsor links and promo codes here: https://bit.ly/44uAGZ8 Get 15% off OneSkin with the code RON at  https://www.oneskin.co/ #oneskinpod Send your questions and ideas to podcast@politicology.com or leave a voicemail at ‪(703) 239-3068‬ Follow this week's panel on X (formerly Twitter): https:/x.com/RonSteslow https://x.com/HagarChemali Related Reading:  TOI - Tens of thousands of reservists drafted ahead of Gaza City takeover, but turnout down | The Times of Israel TOI - At stormy cabinet meet, IDF chief said to warn Gaza op will lead to full-fledged occupation | The Times of Israel FP - WATCH: Gazan Journalists Say Al Jazeera Works Hand in Glove with Hamas FP - They Became Symbols for Gazan Starvation. But All 12 Suffer from Other Health Problems. The Dispatch - White Hats and Black Hats in the Middle East WSJ - Populist Right-Wing Parties Lead Polls in Europe's Biggest Economies The Spectator - Migrant protests and the twilight of luxury beliefs Learn more about your ad choices. Visit megaphone.fm/adchoices

While our team is observing the Labor Day holiday in the US, we hope you will enjoy this episode of The Microsoft Threat Intelligence Podcast . New episodes airs on the N2K CyberWIre network every other Wednesday. In this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠Sherrod DeGrippo is live from Black Hat 2025 with a special lineup of Microsoft security leaders and researchers. First, Sherrod sits down with Tom Gallagher, VP of Engineering and head of the Microsoft Security Response Center (MSRC). Tom shares how his team works with researchers worldwide, why responsible disclosure matters, and how programs like Zero Day Quest (ZDQ) are shaping the future of vulnerability research in cloud and AI security. He also announced the next iteration of ZTQ with $5 million up for grabs. Next, Sherrod is joined by Eric Baller (Senior Security Researcher) and Eric Olson (Principal Security Researcher) to unpack the fast-changing ransomware landscape. From dwell time collapsing from weeks to minutes, to the growing role of access brokers, they explore how attackers operate as organized ecosystems and how defenders can respond. Finally, Sherrod welcomes Travis Schack (Principal Security Researcher) alongside Eric Olson to examine the mechanics of social engineering. They discuss how attackers exploit urgency, trust, and human curiosity, why AI is supercharging phishing campaigns, and how defenders can fight back with both training and technology. In this episode you'll learn:     How MSRC partners with researchers across 59 countries to protect customers Why Zero Day Quest is accelerating vulnerability discovery in cloud and AI How ransomware dwell times have shrunk from days to under an hour Resources: View Sherrod DeGrippo on LinkedIn  Zero Day Quest — Microsoft Microsoft Security Response Center Blog Related Microsoft Podcasts:   Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks      Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider   The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network. Learn more about your ad choices. Visit megaphone.fm/adchoices

A gambler with a run of good luck receives a free car from a mysterious man with gray eyes. As his winnings pile up, the gray‑eyed stranger reappears again and again, even after the gambler witnesses him commit murder. It's a chiller from Sleep No More! | #RetroRadio EP0476Join the DARKNESS SYNDICATE: https://weirddarkness.com/syndicateCHAPTERS & TIME STAMPS (All Times Approximate)…00:00:00.000 = Show Open00:01:30.028 = CBS Radio Mystery Theater, “Graven Image” (September 06, 1976)00:45:33.445 = Radio City Playhouse, “Blind Vengeance” (March 21, 1949)01:14:50.442 = Ripley's Believe It Or Not, “Strange Vigil” (1930) ***WD01:15:51.501 = Sam Spade, “Prodigal Panda Caper” (December 29, 1950) ***WD01:44:45.271 = The Sealed Book, “Death Spins a Web” (April 01, 1945) ***WD02:14:07.119 = The Shadow, “The Laughing Corpse” (March 10, 1940) ***WD02:39:48.766 = Sleep No More, “Over the Hill” and “The Man in the Black Hat” (December 05, 1956) ***WD03:03:08.645 = BBC Spine Chillers, “The Light of the Moon” (1984)03:17:05.922 = Strange Wills, “Emily” (August 31, 1946)03:46:46.558 = Strange, “Flying Dutchman” (1955) ***WD03:59:44.311 = Suspense, “Singing Walls” (September 02, 1943)04:29:19.384 = Tales of the Frightened, “White House” (December 20, 1957) ***WD04:33:39.410 = The Saint, “Christmas Eve Problems” (December 24, 1950)05:03:05.399 = Theater Five, “All Bright Young Ones” (October 12, 1964)05:24:06.434 = The Unexpected, “Revenge” (1948) ***WD05:38:52.106 = Dark Venture, “Chase” (August 03, 1946) ***WD (LQ)06:07:11.642 = The Weird Circle, “Burial of Roger Malvin” (October 22, 1944)06:34:16.694 = The Whistler, “Till Death Do Us Part” (July 30, 1944) ***WD07:01:49.673 = Witch's Tale, “Troth of Death” (May 29, 1933)07:25:13.650 = X Minus One, “The Seventh Order” (May 08, 1956)07:53:24.377 = ABC Mystery Time, “Death Walked In” (1956-1957) ***WD08:17:25.579 = Strange Adventure, “A Savage Honor” (1945) ***WD08:20:40.223 = Appointment With Fear, “And The Deep Shuddered” (November 20, 1945) ***WD08:46:23.888 = Beyond The Green Door, “James Neal And Bowler” (1966)08:49:56.610 = Boston Blackie, “The Ghost of Flo Newton” (May 28, 1947)09:15:03.289 = Box 13, “Speed To Burn” (June 26, 1949)09:41:33.885 = Show Close(ADU) = Air Date Unknown(LQ) = Low Quality***WD = Remastered, edited, or cleaned up by Weird Darkness to make the episode more listenable. Audio may not be pristine, but it will be better than the original file which may have been unusable or more difficult to hear without editing.Weird Darkness theme by Alibi Music LibraryABOUT WEIRD DARKNESS: Weird Darkness is a true crime and paranormal podcast narrated by professional award-winning voice actor, Darren Marlar. Seven days per week, Weird Darkness focuses on all thing strange and macabre such as haunted locations, unsolved mysteries, true ghost stories, supernatural manifestations, urban legends, unsolved or cold case murders, conspiracy theories, and more. On Thursdays, this scary stories podcast features horror fiction along with the occasional creepypasta. Weird Darkness has been named one of the “Best 20 Storytellers in Podcasting” by Podcast Business Journal. Listeners have described the show as a cross between “Coast to Coast” with Art Bell, “The Twilight Zone” with Rod Serling, “Unsolved Mysteries” with Robert Stack, and “In Search Of” with Leonard Nimoy.= = = = ="I have come into the world as a light, so that no one who believes in me should stay in darkness." — John 12:46= = = = =WeirdDarkness® is a registered trademark. Copyright ©2025, Weird Darkness.= = = = =#TrueCrime #Paranormal #ScienceFiction #OldTimeRadio #OTR #OTRHorror #ClassicRadioShows #HorrorRadioShows #VintageRadioDramas #SuspenseRadioClassics #1940sRadioHorror #OldRadioMysteryShows #CreepyOldRadioShows #TrueCrimeRadio #SupernaturalRadioPlays #GoldenAgeRadio #EerieRadioMysteries #MacabreOldTimeRadio #NostalgicThrillers #ClassicCrimePodcast #RetroHorrorPodcast #WeirdDarkness #WeirdDarknessPodcast #RetroRadio #ClassicRadioCUSTOM WEBPAGE: https://weirddarkness.com/WDRR0476