What really happened at RSA 2024? Daniel Miessler and Jason Haddix break it down. Fresh off a whirlwind RSA week, Daniel sits down with Jason Haddix (Arcanum Information Security) to talk about what mattered—beyond the show floor noise. From off-site innovation summits to real-world AI implementation, this deep dive covers:
- Where the real innovation happened (hint: not on the show floor)
- Key takeaways from the OpenAI and Airbnb AI Security events
- Jason’s talk on AI pentesting methodology and the Prompt Injection Taxonomy
- The future of cybersecurity moats and the risk of AI-native disruption
- Why agents aren’t the main character—data is
- DARPA's AIxCC competition and the rise of Cyber Reasoning Systems
- Challenges with evals, autonomous security workflows, and VDP backlash
- Behind the scenes at RSA: puppies, parties, burnout, and brutal honesty
They also explore content creation, the future of platform-native context, and why being opinionated (with receipts) matters more than ever in security and tech.
Jason's Company: https://arcanum-sec.com
Become a Member: https://danielmiessler.com/upgrade
See omnystudio.com/listener for privacy information.

In this episode, Daniel Miessler explores how to supercharge your macOS workflow with Raycast, transforming everyday tasks into lightning-fast, AI-powered actions. He talks about:
- Raycast as a Universal Launcher: Daniel explains how Raycast replaces traditional launchers like Spotlight and Alfred, offering an all-in-one shortcut to apps, files, and bookmarks for unparalleled efficiency.
- Quick Links and Custom Searches: He demonstrates how quick links streamline navigation by replacing outdated bookmarks and enabling custom search commands that let you bypass the browser for faster access.
- Integrated Utilities and Window Management: Discover how Raycast consolidates everyday tools—from color pickers and process killers to custom window arrangements—ensuring that all your essential utilities are just a keystroke away.
- Advanced AI Integration: Learn how Raycast’s innovative AI commands integrate with platforms like ChatGPT and Fabric, allowing you to interact with, summarize, and analyze web content directly from your command line.
- Custom Commands and Productivity Hacks: Daniel reveals his secrets for creating personalized hotkeys, snippets, and aliases that reduce friction in your digital workflow, making your daily tasks smoother and more intuitive.
Subscribe to the newsletter at: https://danielmiessler.com/newsletter
Watch the video on YouTube at: https://www.youtube.com/c/UnsupervisedLearning
Follow on Twitter at: https://twitter.com/danielmiessler
See you in the next one!
Become a Member: https://danielmiessler.com/upgrade

In this episode, Daniel Miessler explores how AI can transform our understanding of the present and create actionable paths for a better future. He talks about:
- The Current State, Desired State, and Transition in AI Applications: How AI frameworks can analyze the current state, define a desired state, and propose action plans to address challenges in education, climate, health, and beyond.
- The Infrastructure and Scale of AI: Why we’re only at the beginning of building the AI infrastructure required for future demands, from GPUs and data centers to startups pushing the boundaries of what’s possible.
- The Role of AI in Human and Organizational Development: How AI can revolutionize personal lives, enhance businesses, and solve societal issues by gathering and analyzing massive amounts of contextual data to provide actionable insights.
Subscribe to the newsletter at: https://danielmiessler.com/subscribe
Join the UL community at: https://danielmiessler.com/upgrade
Follow on X: https://twitter.com/danielmiessler
Follow on LinkedIn: https://www.linkedin.com/in/danielmiessler
See you in the next one!
Chapters:
- 0:00 - Introduction to Unsupervised Learning Podcast
- 1:10 - Concept: Predicting AI Infrastructure Needs
- 3:45 - The Challenge of Predicting Technology vs Human Desires
- 6:20 - Exploring AI Infrastructure Metrics (GPUs, Data Centers, Startups)
- 8:55 - Philosophical Insight: Current State vs Desired State
- 12:15 - AI’s Role in Learning from the Past and Anticipating the Future
- 14:50 - Addressing Global Issues with AI (Education, Poverty, Climate)
- 18:30 - Transitioning from Current State to Desired State
- 22:05 - Context Gathering: Granularity and Technology Limitations
- 25:40 - AI's Impact on Individual and Family Contexts
- 29:10 - AI’s Potential in Business: Granularity and Cost
- 32:50 - Vision of Life OS and Personalized Assistance
- 36:15 - AI in Society: Predicting and Preventing Problems
- 40:00 - Infinite Context and the Scaling of AI Capabilities
- 44:30 - Predictions on AI Context Size and Infrastructure Demand
- 48:20 - The Importance of Understanding the Current State
- 52:10 - Conclusion
Become a Member: https://danielmiessler.com/upgrade

How should individuals be thinking about generative artificial intelligence at work and at home? Let's find out with our guest Daniel Miessler, whose mission is “Working towards Human 3.0 so we can survive and thrive as humans after AI". Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
Website: https://danielmiessler.com/
LinkedIn: https://www.linkedin.com/in/danielmiessler/
X: https://x.com/DanielMiessler
Fabric: https://github.com/danielmiessler/fabric
Blog Post: https://danielmiessler.com/p/weve-been-thinking-about-ai-all-wrong

This episode, "How My Projects Fit Together," is a follow-up to a previous post called "What I Am Doing & How It's Going". Here, Daniel Miessler addresses the most commonly asked questions: "I see all your projects, but what are they? How are they related?" He takes an individual look at his various projects (Substrate, Fabric, Telos, Daemon, and Human 3.0) and then at how they work together to tackle big issues such as the lack of purpose and meaning in people's lives, preparing people for the impact of AI in society, and the need for holistic human development. For all the projects' links, visit: https://danielmiessler.com/p/how-my-projects-fit-together
- Intro (00:00:00)
- Identifying Major Problems (00:00:47)
- Lack of Purpose and Meaning (00:01:50)
- Impact of AI on Society (00:01:50)
- Training for Full-Spectrum Individuals (00:03:02)
- Security as a Core Focus (00:03:02)
- Helios: Attack Surface Monitoring (00:04:11)
- Daemon: Security Program Management (00:05:16)
- Substrate: Enhancing Human Understanding (00:06:21)
- Argument Components in Substrate (00:07:35)
- AI and Argument Detection (00:10:59)
- Fabric: Augmenting Humans with AI (00:15:26)
- Fabric Patterns for Problem Solving (00:16:31)
- Fabric Overview (00:19:36)
- Telos Introduction (00:20:50)
- Articulating the Mission (00:21:50)
- Telos File Example (00:22:53)
- Managing Personal Life with Telos (00:23:57)
- AI and Purpose (00:26:10)
- Daemon Introduction (00:28:21)
- API Concept in Daily Life (00:29:28)
- Digital Assistants and APIs (00:31:40)
- Human Connection through Sharing (00:37:52)
- Daemon Personal API Broadcast (00:39:53)
- Human 3.0 Introduction (00:43:07)
- Human 3.0 Philosophy (00:45:22)
- Impact of AI on Work (00:48:47)
- Human 3.0 Platform Overview (00:51:00)
- Summary of Projects (00:54:03)
- Vision of Future AI Integration (00:56:21)
- Encouragement for Clarity and Purpose (00:57:39)
- Encouragement for Purpose (00:59:47)
- Articulating Your Work (01:00:46)
Become a Member: https://danielmiessler.com/upgrade

Human 3.0 is here. In this conference for the United Nations, Daniel Miessler introduces the topic of Human 3.0 philosophy and the skills and mental frameworks needed to thrive in an AI-driven world. Learn about:
- The future of work and the human 3.0 economy.
- How AI will revolutionize startups and entrepreneurship.
- How one-person billion-dollar companies are becoming a reality.
- Creative expression and AI.
- The importance of personal visibility and authenticity.
- How to survive and thrive in today's rapidly evolving technological landscape.
Subscribe to the newsletter at: https://danielmiessler.com/subscribe
Join the UL community at: https://danielmiessler.com/upgrade
Follow on X: https://twitter.com/danielmiessler
Follow on LinkedIn: https://www.linkedin.com/in/danielmiessler
See you in the next one!
Become a Member: https://danielmiessler.com/upgrade

Daniel Miessler discusses how AI can grow the number of elite propagandists and hackers employed by foreign intelligence agencies. Discussed in this video:
- AI-Enhanced Software and Disinformation (00:00:00): Russia utilizes AI software, Millio Radar, to create sophisticated fake personas for disinformation.
- Concerns About AI Sophistication (00:01:12): The increasing capabilities of AI could enable enemies to manipulate information on a massive scale.
- Shift from Block List to Allow List (00:02:30): The internet may need to transition to an allow list system to combat overwhelming disinformation.
- Risks for Ordinary Individuals (00:03:44): Regular users, especially the less tech-savvy, are at high risk of falling victim to manipulation online.
Subscribe to the newsletter at: https://danielmiessler.com/subscribe
Join the UL community at: https://danielmiessler.com/upgrade
Follow on X: https://twitter.com/danielmiessler
Follow on LinkedIn: https://www.linkedin.com/in/danielmiessler
See you in the next one!
Become a Member: https://danielmiessler.com/upgrade

This week, Tyler and Adrian discuss Cyera's $300M Series C, which lands them a $1.4B valuation! But is that still a unicorn? Aileen Lee of Cowboy Ventures, who coined the term back in 2013, recently wrote a piece celebrating the 10th anniversary of the term, and revisiting what it means. We HIGHLY recommend checking it out: https://www.cowboy.vc/news/welcome-back-to-the-unicorn-club-10-years-later
They discuss a few other companies that have raised funding or just come out of stealth, including Scrut Automation, Allure Security, TrojAI, Knostic, and Prompt Armor. They discuss Eclypsium's binary analysis tooling, and what the future of fully automated security analysis could look like. Wiz acquired Gem, and Veracode acquired Longbow. Adrian LOVES Longbow's website, BTW.
They discuss a number of essays, some of which are a must read:
- Daniel Miessler's Efficient Security Principle
- Subsalt's series on data privacy challenges
- Lucky vs Repeatable, a must-read from Morgan Housel
- AI has Flown the Coop, the latest from our absent co-host, Katie Teitler-Santullo
- Customer love by Ross Haleliuk and Rami McCarthy
We briefly cover some other fun - reverse typosquatting, AI models with built-in RCE, and Microsoft having YET ANOTHER breach. We wrap up discussing Air Canada's short-lived AI-powered support chatbot.
Show Notes: https://securityweekly.com/esw-357

In the days when Mirai emerged and took down DynDNS, along with what seemed like half the Internet, DDoS was as active a topic in the headlines as it was behind the scenes (check out Andy Greenberg's amazing story on Mirai on Wired). We don't hear about DDoS attacks as much anymore. What happened? Well, they didn't go away. DDoS attacks are a more common and varied tool of cybercriminals than ever. Today, Michael Smith is going to catch us up on the state of DDoS attacks in 2024, and we'll focus particularly on one cybercrime actor, KillNet.
Segment Resources:
- Understanding DDoS Attacks: What is a DDoS Attack and How Does it Work? - I know the title makes this blog post sound rather basic, but it will get you up to speed on all the latest DDoS types, actors, and terminology pretty quickly!
- What is An Application-Layer DDoS Attack, and How Do I Defend Against Them?
- 2023 DDoS Statistics and Trends
- https://en.wikipedia.org/wiki/Killnet
This week, Tyler and Adrian discuss Cyera's $300M Series C, which lands them a $1.4B valuation! But is that still a unicorn? Aileen Lee of Cowboy Ventures, who coined the term back in 2013, recently wrote a piece celebrating the 10th anniversary of the term, and revisiting what it means. We HIGHLY recommend checking it out: https://www.cowboy.vc/news/welcome-back-to-the-unicorn-club-10-years-later
They discuss a few other companies that have raised funding or just come out of stealth, including Scrut Automation, Allure Security, TrojAI, Knostic, and Prompt Armor. They discuss Eclypsium's binary analysis tooling, and what the future of fully automated security analysis could look like. Wiz acquired Gem, and Veracode acquired Longbow. Adrian LOVES Longbow's website, BTW.
They discuss a number of essays, some of which are a must read:
- Daniel Miessler's Efficient Security Principle
- Subsalt's series on data privacy challenges
- Lucky vs Repeatable, a must-read from Morgan Housel
- AI has Flown the Coop, the latest from our absent co-host, Katie Teitler-Santullo
- Customer love by Ross Haleliuk and Rami McCarthy
We briefly cover some other fun - reverse typosquatting, AI models with built-in RCE, and Microsoft having YET ANOTHER breach. We wrap up discussing Air Canada's short-lived AI-powered support chatbot.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-357

Rachel Tobac is a social engineer. In this episode we hear how she got started doing this and a few stories of how she hacked people and places using her voice and charm. Learn more about Rachel by following her on Twitter https://twitter.com/RachelTobac or by visiting https://www.socialproofsecurity.com/ Daniel Miessler also chimes in to talk about AI. Find out more about him at https://danielmiessler.com/. Sponsors Support for this show comes from Varonis. Do you wonder what your company's ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet. Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free. Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. 
ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Learn more about your ad choices. Visit podcastchoices.com/adchoices
Legacy systems are riddled with outdated and unreliable cryptographic standards. So much so that recent proprietary research found 61 percent of the traffic was unencrypted, and up to 80% of encrypted network traffic has some defeatable flaw in its encryption. No longer can enterprises take their cryptography for granted, rarely evaluated or checked. Knowing when, where and what type of cryptography is used throughout the enterprise and by which applications is critical to your overall security policy, zero-trust approach, and risk management strategy. After all, zero-trust is meaningless if your cryptography isn't working.
Segment Resources:
- https://www.businesswire.com/news/home/20231030166159/en/Proprietary-Research-from-Quantum-Xchange-Shows-the-Dreadful-State-of-Enterprise-Cryptography
- https://www.forbes.com/sites/forbestechcouncil/people/vincentberk/?sh=3d88055852c1
This segment is sponsored by Quantum Xchange. Visit https://securityweekly.com/quantumxchange to learn more about them!
This week, we discussed how a quick (minutes) and cheap ($15 a pop) fake ID service creates VERY convincing IDs that are possibly good enough to fool ID verification services, HR, and a load of other scenarios where it's common to share images of an ID. Kudos to 404Media's work there. In the security market, we discuss who might be the first cybersecurity unicorn to go public in 2024, Oasis Security and Tenchi's funding rounds, Protect AI's acquisition of Laiyer AI and their FOSS project, LLM Guard. We discussed the seemingly inevitable M&A activity as unfunded security startups NEED to find a sale. Ross Haleliuk had an interesting LinkedIn post that goes deeper on this topic. Finally, we discussed Tyler's observation that Palo Alto Networks did the seemingly impossible - increased their valuation from $19B to over $100B in 5 years, despite having to weather a pandemic and market downturn along the way! Ryan pointed out that PANW joined the S&P 500 somewhere along the way - a watershed moment for them. We discussed Bluesky and how it's likely too little too late when it comes to building back the community we lost when much of the InfoSec community left Twitter. We also discussed a cybersecurity training scammer, Daniel Miessler's new Fabric tool, AnyDesk getting hacked, The Real Shim Shady vuln, new (voluntary) cybersecurity goals for healthcare, and the lack of toothbrush-enabled DDoS attacks!
Full show notes here: https://www.scmagazine.com/podcast-episode/3061-enterprise-security-weekly-349
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-349

This week, we discussed how a quick (minutes) and cheap ($15 a pop) fake ID service creates VERY convincing IDs that are possibly good enough to fool ID verification services, HR, and a load of other scenarios where it's common to share images of an ID. Kudos to 404Media's work there. In the security market, we discuss who might be the first cybersecurity unicorn to go public in 2024, Oasis Security and Tenchi's funding rounds, Protect AI's acquisition of Laiyer AI and their FOSS project, LLM Guard. We discussed the seemingly inevitable M&A activity as unfunded security startups NEED to find a sale. Ross Haleliuk had an interesting LinkedIn post that goes deeper on this topic. Finally, we discussed Tyler's observation that Palo Alto Networks did the seemingly impossible - increased their valuation from $19B to over $100B in 5 years, despite having to weather a pandemic and market downturn along the way! Ryan pointed out that PANW joined the S&P 500 somewhere along the way - a watershed moment for them. We discussed Bluesky and how it's likely too little too late when it comes to building back the community we lost when much of the InfoSec community left Twitter. We also discussed a cybersecurity training scammer, Daniel Miessler's new Fabric tool, AnyDesk getting hacked, The Real Shim Shady vuln, new (voluntary) cybersecurity goals for healthcare, and the lack of toothbrush-enabled DDoS attacks! Full show notes here: https://www.scmagazine.com/podcast-episode/3061-enterprise-security-weekly-349 Show Notes: https://securityweekly.com/esw-349
Get these skills in 2024! Or at least get started. Do you agree? // Books MENTIONED // Can't hurt me: https://amzn.to/3TDerwg Atomic Habits: https://amzn.to/3GUsrKP Deep Work: https://amzn.to/3RTxCAS Discipline equals freedom: https://amzn.to/4aB3rpu Extreme Ownership: https://amzn.to/4aB3zoY The 4 hour work week: https://amzn.to/3tn8oBD // Videos mentioned // AI Firewalls are here! (Can your firewall do this?): https://youtu.be/n_-QuGvQXso Mike Pound's video path to AI in 2024: Coming soon! Daniel Miessler's video: Coming soon! ChatGPT takes Control: https://youtu.be/V8p2JjAW258 NSA Back Door in Windows?: https://youtu.be/HYzbihjcbLs 2024 Ivan Pepelnjak: Coming soon! // David's SOCIAL // Discord: https://discord.com/invite/usKSyzb X / Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/@davidbombal // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
In episode 78 of the We Hack Purple Podcast host Tanya Janca brings Jason Haddix on to talk about artificial intelligence, and (of course) how to hack it! Jason discussed how to use AI for both defense and offence, using plain language (conversational), rather than code, and what a red teaming exercise looks like for such a system. We talked about what a large language model looks like, cleaning up data, and how easy it is to get them to do bad things. Jason invited everyone to the AI Village at Def Con this year, and so much more! There was also much love for Daniel Miessler, his articles on AI, and his newsletter Unsupervised Learning (https://danielmiessler.com/newsletter/). Listen to hear the whole thing! Jason Haddix AKA jhaddix is the CISO and “Hacker in Charge” at BuddoBot, a world-class adversary emulation and red teaming consultancy. He's had a distinguished 18-year career in cybersecurity, previously serving as the CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis. Jason is a hacker, bug hunter and currently ranked 51st all-time on Bugcrowd's bug bounty leaderboards. Currently, he specializes in recon, web application analysis, and emerging technologies. Jason Links! https://buddobot.com/ https://twitter.com/BuddoBot https://www.linkedin.com/company/buddobot/mycompany/ https://twitter.com/Jhaddix https://www.jhaddix.com/ https://www.linkedin.com/in/jhaddix/ Jason's Newsletter: https://executiveoffense.beehiiv.com/ Jason's training happening in July: https://tbhmlive.com/ Very special thanks to our sponsor! Semgrep Supply Chain's reachability analysis lets you ignore the 98% of false positives in open source vulnerabilities and quickly find and fix the 2% of issues that are actually reachable. Get Your Free Trial Here!
Semgrep also makes a ludicrously fast static analysis tool. They have a free and paid version of this tool, which uses an open-source engine and offers additional community-created rulesets! Check out Semgrep Code HERE. Join We Hack Purple! Check out our brand new courses in We Hack Purple Academy (https://academy.wehackpurple.com/). Join us in the We Hack Purple Community (https://community.wehackpurple.com/): A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to
Episode 24: In this episode of Critical Thinking - Bug Bounty Podcast, we chat with Daniel Miessler and Rez0 about the emergence and potential of AI in hacking. We cover AI shortcuts and command line tools, AI in code analysis and the use of AI agents, and even brainstorm about the possible opportunities that integrating AI into hacking tools like Caido and Burp might present. Don't miss this episode packed with valuable insights and cutting-edge strategies for both beginners and seasoned bug bounty hunters alike. Follow us on twitter at: @ctbbpodcast. We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io. Shoutout to YTCracker for the awesome intro music! ------ Links ------ Follow your hosts Rhynorater & Teknogeek on twitter: https://twitter.com/0xteknogeek https://twitter.com/rhynorater Today's Guests: https://twitter.com/rez0__ https://twitter.com/DanielMiessler Daniel Miessler's Unsupervised Learning: https://danielmiessler.com/ Simon Willison's Python Function Search Tool: https://simonwillison.net/2023/Jun/18/symbex/ oobabooga - web interface for models: https://github.com/oobabooga/text-generation-webui State of GPT: https://karpathy.ai/stateofgpt.pdf AI Canaries: https://danielmiessler.com/p/ai-agents-canaries GPT3.5: https://community.openai.com/t/gpt-3-5-turbo-0613-function-calling-16k-context-window-and-lower-prices/263263 GPT Engineer: https://github.com/AntonOsika/gpt-engineer Timestamps: (00:00:00) Introduction (00:05:40) Using AI for hacking: Developing hacking tools and workflow shortcuts (00:11:40) GPT Engineer and Small Developer for Security Vulnerability Mapping (00:22:40) The potential dangers of centralized vs. decentralized finance (00:24:10) Ethical hacking and circumventing ChatGPT restrictions (00:26:09) AI Agents, Reverse API, and Encoding/Decoding Tools (00:31:45) Limitations of AI in context window and processing large JavaScript files (00:36:50) Meta-prompter: Enhancing prompts for accurate responses from GPT (00:41:00) GPT-35 and the new 616K context model (45:08) Creating a loader for Burp Suite files or Caido instances (00:54:02) Hacking AI Features: Best Practices (01:00:00) AI plugin takeover and the need for verification of third-party plugins and tools
This is the first interview in a two-part AI special! First up, we talk with Daniel Miessler, who has been following the generative AI trend very closely and is one of the most prolific writers and thought leaders on the topic. It's a massively divisive topic with the most successful product ever launched (ChatGPT). Some folks think it's overhyped, some think it's going to replace all the worst parts of the worst jobs, and others think it could be the beginning of the end for humanity. While other interviews on GenAI get deep into conversations on the future of humanity, we're going to stay closer to home on this one. It seems clear that GenAI will transform the enterprise more quickly than any other technology trend we've seen. We'll discuss what security needs to do to prepare for this shift, and why security teams should begin exploring GenAI themselves as soon as possible. Generative AI is taking the world by storm. Naturally, enterprises are looking for ways to integrate the innovative technology into their techstack, boost productivity of the knowledge workers and overall increase their ROI. The question is, how to do it without compromising data privacy and security standards of the enterprises. Segment Resources: https://zerosystems.com/ In this episode we briefly cover funding, and discuss Snyk's acquisition of Enso Security and Cisco's Armorblox buy. We discuss some new open source AI tools: privateGPT, llm, ttok, and strip-tags. We discuss the death of Meta's massive Metaverse movement and go DEEP down the rabbithole on the new Stop Silly Security Awards website. Artifact's AI rewrites clickbaity headlines and we wrap up by exploring a very entertaining Map of GitHub communities: https://anvaka.github.io/map-of-github/ Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw-320
This is the first interview in a two-part AI special! First up, we talk with Daniel Miessler, who has been following the generative AI trend very closely and is one of the most prolific writers and thought leaders on the topic. It's a massively divisive topic with the most successful product ever launched (ChatGPT). Some folks think it's overhyped, some think it's going to replace all the worst parts of the worst jobs, and others think it could be the beginning of the end for humanity. While other interviews on GenAI get deep into conversations on the future of humanity, we're going to stay closer to home on this one. It seems clear that GenAI will transform the enterprise more quickly than any other technology trend we've seen. We'll discuss what security needs to do to prepare for this shift, and why security teams should begin exploring GenAI themselves as soon as possible. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-320
AI Security Podcast - ChatGPT and other generative AI systems use large language models (LLMs), but can these AI systems be attacked? ☠
Guests: Jason Haddix, CISO and Hacker in Charge at BuddoBot Inc [@BuddoBot] On LinkedIn | https://www.linkedin.com/in/jhaddix/ On Twitter | https://twitter.com/Jhaddix At RSAC | https://www.rsaconference.com/experts/Jason%20Haddix Ben Sadeghipour, Vice President, Research and Community at Hadrian [@hadriansecurity] On LinkedIn | https://www.linkedin.com/in/nahamsec/ At RSAC | https://www.rsaconference.com/experts/ben-sadeghipour Daniel Miessler, Founder of Unsupervised Learning On LinkedIn | https://www.linkedin.com/in/danielmiessler/ On Twitter | https://twitter.com/DanielMiessler At RSAC | https://www.rsaconference.com/experts/daniel-miessler Host: Phillip Wylie, Host of The Hacker Factory Podcast On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/phillip-wylie This Episode's Sponsors: BlackCloak | https://itspm.ag/itspbcweb Brinqa | https://itspm.ag/brinqa-pmdp SandboxAQ | https://itspm.ag/sandboxaq-j2en Episode Notes: How has content creation improved and influenced cybersecurity through education and as an information source? For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage Are you interested in telling your story in connection with RSA Conference by sponsoring our coverage?
Today RSnake sits down with Daniel Miessler, a polymath in security, artificial intelligence, the human condition and more. Daniel is a big thinker and has a popular blog, podcast and newsletter called Unsupervised Learning where he discusses a lot of the topics we go into today. They talk about AGI, the future of work, how things can and are likely to go terribly wrong, how humans will need to adapt, and so much more.
Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli Episode Notes: The ITSPmagazine Weekly Catch-Up | 14-April-2023 | With Marco Ciappelli and Sean Martin. ITSPmagazine YouTube Channel
In this episode, we finish taking a deep dive into an article by my Infosec spirit animal, Daniel Miessler on the future of Information Security work. We agree, we disagree. You should read the article and listen. Article - Thinking About the Future of InfoSec (v2022) If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app! I put on my robe and wizard hat... (NSFW)
Daniel Miessler joins us to talk about how security assessments often get confused and misused. We talk about vulnerability assessments versus bug bounties versus pentests versus red team engagements. Oh and what's purple team really supposed to be anyway? We wrap up by talking career advice for those interested in a role related to security assessments.
In this episode, we take a deep dive into an article by my Infosec spirit animal, Daniel Miessler on the future of Information Security work. We agree, we disagree. You should read the article and listen. Article - Thinking About the Future of InfoSec (v2022) If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app! I put on my robe and wizard hat... (NSFW)
On this episode of the BCP, Justin welcomes author and blogger Daniel Miessler. They get elbow deep into discussing whether the next step (ASI/Cyborg/Genetic Manipulation) in consciousness and knowledge leads to the conclusion that life might not be worth living at that bandwidth of knowledge and understanding. Also, we get to find out if WW3 is imminent.
In this episode of the Virtual Coffee with Ashish edition, we spoke with Daniel Miessler. Host: Ashish Rajan - Twitter @hashishrajan. Guest: Daniel Miessler - Linkedin @danielmiessler. In this episode, Daniel & Ashish spoke about: What was your path into CyberSecurity? Continuous Monitoring (CM) or Continuous Auditing - is that the same thing for you? CI/CD, one would assume CM is obvious, or is CM more of a mature organisation thing? At what point should an organisation consider Continuous Monitoring? Do smaller organisations need to think about it as well? What is BugBounty? How do we find more about BugBounty resources for continuous monitoring? Are you using Python for automation? How to manage risk around Bounty program? What suggestions do you have for continuous monitoring in a multi cloud environment? Have you added any machine learning algorithms to your methodology or KO moves? How can one start with automation when looking for vulnerability continuously? How do you scale inventory for resources? Can you use it to find fake phishing websites? Custom code vs product for continuous monitoring? Is there alert fatigue in continuous monitoring? Why is it important to do continuous monitoring? Does everyone in tech or in general need to have a personal brand? Tips for Personal Branding for audience that enjoys blogging or podcasting? ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai
For our first episode in power month I'm joined by Daniel Miessler, online security expert and curator of the popular newsletter and podcast, Unsupervised Learning. Daniel has over 20 years' experience in the world of online security and technology and wrote the book The Real Internet of Things, which explores the future for humanity in a connected world. We explore a range of topics including what data breaches mean for society, whether companies take security threats seriously, what happens to the data, and what an increasingly online world means for society at large. We go deep on the future of big data and the curated reality that is emerging from a tech driven world that, as Yuval Noah Harari puts it, knows us better than we know ourselves. Show notes: Unsupervised Learning; The Real Internet of Things - Daniel Miessler; Garmin ransomware attack; The Age of Surveillance Capitalism - Shoshana Zuboff; Acxiom; OPM security breach (2015); Homo Deus - Yuval Noah Harari; In Your Face: China's all-seeing state; Westworld; Everybody Lies - Seth Stephens-Davidowitz; Would I be helped? Cross-national CCTV footage shows that intervention is the norm in public conflicts. https://www.facebook.com/thehereandnowpodcast/ https://twitter.com/herenowpodcast emailthehereandnow@gmail.com Support the show (https://www.patreon.com/thehereandnowpodcast)
It's difficult enough to manage network security or web security or application security or mobile security but when they all come together you have the Frankenstein-like monster called IoT security. And when they all come together you have the unique challenges of security system security too – welcome to IoT. In this episode of the IoT Business Show, I speak with Daniel Miessler about the top security risks facing IoT and how to mitigate them. This is part two of a two-part interview. Read the rest of the show analysis notes at: http://bit.ly/IoTpodcast30notes This show is brought to you by DIGITAL OPERATING PARTNERS Related links you may find useful: Season 1: Episodes and show notes Season 1 book: IoT Inc Season 2: Episodes and show notes Season 2 book: The Private Equity Digital Operating Partner Training: Digital transformation certification
It's difficult enough to manage network security or web security or application security or mobile security but when they all come together you have the Frankenstein-like monster called IoT security. And when they all come together you have the unique challenges of security system security too – welcome to IoT. In this episode of the IoT Business Show, I speak with Daniel Miessler about the top security risks facing IoT and how to mitigate them. This is part one of a two-part interview. Read the rest of the show analysis notes at: http://bit.ly/IoTpodcast29notes This show is brought to you by DIGITAL OPERATING PARTNERS Related links you may find useful: Season 1: Episodes and show notes Season 1 book: IoT Inc Season 2: Episodes and show notes Season 2 book: The Private Equity Digital Operating Partner Training: Digital transformation certification
Recorded live on 2019/06/30 - to be part of our live audience, visit osintcurio.us and click on Webcast In episode 15 of the OSINTCurious webcast we discuss: Links to things we discussed: - Twitter getting rid of “precise geotagging”: https://www.theverge.com/2019/6/19/18... - New blog post by Daniel Miessler about Amass: https://danielmiessler.com/study/amass/, Link to the GitHub repo: https://github.com/OWASP/Amass - New search tool for TikTok: https://www.osintcombine.com/tiktok-q... - DarkLight, a Dark web scraper: https://github.com/bunseokbot/darklight, With an invite only web front: https://darklight.kr/recent - Facebooks ad library with current and historical advertisement data: https://www.facebook.com/ads/library/ - TraceLabs is organizing another global CTF: https://www.eventbrite.ca/e/trace-lab... - OSINT Mentoring - Listener questions answered! People in this episode: Ginsberg5150 Sector035 Technisette Kirby Plessas Nico, Dutch OSINT Guy Katelyn Bowden (badassbowden) - SPECIAL Guest! --- Support this podcast: https://anchor.fm/osintcurious/support
Seth and Ken talk about the recent release of ClusterFuzz by Google. Joined by Daniel Miessler (@Daniel Miessler) to talk about the SecLists project, how it relates to fuzzing, training developers and his path into security.
In today’s episode, Sean Martin connects with Aaron Guzman and Daniel Miessler to take a look at the new edition of the OWASP Top 10 for the Internet of Things. This project, which began in 2014, contains a lot of work related to identifying the risks, vulnerabilities and controls necessary to safely deploy and use Internet-connected devices at work, at home and in society. Aaron and Daniel walk us through the top 10 list, giving us some insight into each item and how it can have an impact on how things are built, implemented and broken. While the goal of the IoT top 10 is to simplify the view for these 3 target audiences (builders, implementers, breakers), the surrounding project elements within the OWASP environment and some of the partner projects outside of the OWASP ecosystem can really make a difference in how we approach IoT security moving forward.
On this episode, Chris and Robert are joined by Daniel Miessler to talk about the upcoming Top 10 list for IoT. You can find Daniel on Twitter @DanielMiessler IoT Project The post OWASP IoT Top 10 (S04E22) appeared first on Security Journey Podcasts.
Head of Trust and Security at Bugcrowd Jason Haddix joins penetration tester and OWASP IoT author Daniel Miessler to discuss their time walking the floor at CES 2017. From automotive tech to bots, listen to this podcast to hear about top CES trends seen through a security lens.
Chandler Klebs, George Ortega, David Joseph, Trick Slattery, Daniel Miessler, and Neal Gafter talk about free will, causality, and acausality. Neal doesn't have that much interest in taking a position on whether or not we have free will but would like to discuss how clear our definitions are.
Chandler Klebs, George Ortega, Mitch J, Michael Walsh, David Joseph, and new cohost Daniel Miessler discuss new projects they have in mind to help educate people on why we don't have free will and why it's important.
Chandler Klebs, George Ortega, Mitch J, Michael Walsh, David Joseph, and new cohost Daniel Miessler discuss what the practical differences are between the goals of incompatibilists and compatibilists in reforming society.
Daniel Miessler is Principal Security Architect with HP based out of San Francisco, California. He specializes in application security with specific focus in web and mobile application assessments, helping enterprise customers build effective application security programs, and speaking with executives about how to best leverage technologies and processes to reduce real-world risk.
Dave and Tamler argue some more about the role of emotion and intuition in blame judgments, and then offer some moral psychology-related recommendations for your New Year’s viewing and reading pleasure. Plus, can you turn listening to VBW into a good drinking game? Offer some suggestions and win a free Very Bad Wizards T-shirt! Links: Tamler's early defense of free will skepticism: "Darrow and Determinism" [naturalism.org]; "No Soul? I Can Live with That. No Free Will? AHHHHH!!!" [psychologytoday.org]; "Free Will Skepticism in Action" [naturalism.org]; Tamler's interview with Galen Strawson [believermag.org]; The Objective Attitude [philpapers.org]; Daniel Miessler on Sam Harris vs. Very Bad Wizards [danielmiessler.com]; The Sceptic by David Hume [econlib.org]; Paul Russell’s Free Will, Art, Morality [verybadwizards.com]; Locke [imdb.com]; The Subjective Effects of Nitrous Oxide by William James [erowid.org]; Kahan, D. M., Peters, E., Dawson, E. C., & Slovic, P. (2013). Motivated numeracy and enlightened self-government. Social Science Research Network. Available: http://ssrn. com/abstract, 2319992. Black Mirror [imdb.com]; Snowpiercer [imdb.com]; Snowpiercer-Left or Right [everyframeapainting.tumbler.com]; Logicomix: An Epic Search for Truth [amazon.com affiliate link]; Meaning in Life and Why It Matters by Susan Wolf. Princeton University Press, 2010. [amazon.com affiliate link]