For six years, Sophos fought a secret cyber war against a state-backed hacking group targeting its firewalls. This forced Sophos to drastically change tactics to properly secure their firewalls. Was it ethical? Was it effective? They disrupted nine zero-day attacks, exposed who was hacking them, and forced the hackers to change tactics. But at what cost? You have to listen to one of the most audacious corporate cyber defenses ever conducted. Sponsors: Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. This show is sponsored by Meter, the company building networks from the ground up. Meter delivers a complete networking stack - wired, wireless, and cellular - in one solution that's built for performance and scale. Alongside their partners, Meter designs the hardware, writes the firmware, builds the software, manages deployments, and runs support. Learn more at meter.com. Support for this show comes from Drata. Drata is the trust management platform that uses AI-driven automation to modernize governance, risk, and compliance, helping thousands of businesses stay audit-ready and scale securely. Learn more at drata.com/darknetdiaries. Sources: https://news.sophos.com/en-us/2024/10/31/pacific-rim-timeline/ https://www.justice.gov/archives/opa/pr/seven-hackers-associated-chinese-government-charged-computer-intrusions-targeting-perceived https://www.fbi.gov/wanted/cyber/guan-tianfeng
Mallory Planck started her career in the middle of the 2009 recession, figuring things out in real time without a clear path. That grind took her from door-to-door sales into talent acquisition, where she now serves as Head of TA at Drata. She talks about managing expectations in a people-driven role, the pressure to keep up with AI, and why learning to slow down might be the hardest skill to build. Connect with host James Mackey on LinkedIn! Thank you to our sponsor, SecureVision, for making this show possible! Follow us: https://www.linkedin.com/company/82436841/ SecureVision: #1 Rated Embedded Recruitment Firm on G2! https://www.g2.com/products/securevision/reviews Thanks for listening!
Leo Laporte takes to the expo floor at RSAC 2026 in San Francisco's Moscone Center for a rapid-fire series of conversations with leading security vendors and thinkers. From Thinkst Canary's honeypot deception tactics to Bitwarden's new Agent Access SDK, Tailscale's AI gateway, and Aikido Security's fully autonomous AI pen testers, the dominant theme is clear: the AI agent era has arrived and security hasn't caught up. Plus, a surprise meeting with WannaCry kill-switch hero Marcus Hutchins. Thinkst Canary, ThreatLocker, and Bitwarden are sponsors of the TWiT.tv Network. 0:29 Haroon Meer | Thinkst Canary – Honeypots & Deception Tech 6:35 Bob Boyle | Torq – AI-Powered Security Automation 9:50 Juan Quesada | Yubico – FIDO2, Passkeys & Pre-Registered YubiKeys 12:33 Rob Allen | ThreatLocker – Zero Trust & Deny by Default 25:53 Arun Singh | Drata – Trust Management & Compliance 27:34 Jelmer Snoeck | Keycard Labs – Ephemeral Tokens for AI Agents 35:26 Kasey Babcock | Bitwarden – Agent Access SDK 41:52 Roeland Delrue | Aikido Security – Autonomous AI Pen Testing 48:56 Bill Keeler | Semperis – Identity Security & "Midnight in the War Room" 52:08 MalwareTech Marcus Hutchins & Cybersecurity Girl Caitlin Sarian 54:30 Chris Hughes | Zenity – Securing AI Agents at Runtime 1:01:35 Jillian Murphy | Tailscale – Networking, Aperture & Free Forever Host: Leo Laporte Guests: Haroon Meer, Rob Allen, Bob Boyle, Juan Quesada, Arun Singh, Kasey Babcock, Roeland Delrue, Bill Keeler, Marcus Hutchins, Caitlin Sarian, Chris Hughes, and Jillian Murphy Download or subscribe to TWiT Events at https://twit.tv/shows/twit-events. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit
Leo Laporte takes to the expo floor at RSAC 2026 in San Francisco's Moscone Center for a rapid-fire series of conversations with leading security vendors and thinkers. From Thinkst Canary's honeypot deception tactics to Bitwarden's new Agent Access SDK, Tailscale's AI gateway, and Aikido Security's fully autonomous AI pen testers, the dominant theme is clear: the AI agent era has arrived and security hasn't caught up. Plus, a surprise meeting with WannaCry kill-switch hero Marcus Hutchins. Thinkst Canary, ThreatLocker, and Bitwarden are sponsors of the TWiT.tv Network. 00:00:00 Intro – Leo Laporte at RSAC 2026, Moscone Center 00:00:29 Haroon Meer | Thinkst Canary – Honeypots & Deception Tech 00:06:35 Bob Boyle | Torq – AI-Powered Security Automation 00:09:50 Juan Quesada | Yubico – FIDO2, Passkeys & Pre-Registered YubiKeys 00:12:33 Rob Allen | ThreatLocker – Zero Trust & Deny by Default 00:25:53 Arun Singh | Drata – Trust Management & Compliance 00:27:34 Jelmer Snoeck | Keycard Labs – Ephemeral Tokens for AI Agents 00:35:26 Kasey Babcock | Bitwarden – Agent Access SDK 00:41:52 Roeland Delrue | Aikido Security – Autonomous AI Pen Testing 00:48:56 Bill Keeler | Semperis – Identity Security & "Midnight in the War Room" 00:52:08 MalwareTech Marcus Hutchins & Cybersecurity Girl Caitlin Sarian 00:54:30 Chris Hughes | Zenity – Securing AI Agents at Runtime 01:01:35 Jillian Murphy | Tailscale – Networking, Aperture & Free Forever Host: Leo Laporte Guests: Haroon Meer, Rob Allen, Bob Boyle, Juan Quesada, Arun Singh, Kasey Babcock, Roeland Delrue, Bill Keeler, Marcus Hutchins, Caitlin Sarian, Chris Hughes, and Jillian Murphy Download or subscribe to TWiT Events at https://twit.tv/shows/twit-events. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit
How do you build trust in a business environment where security reviews, compliance demands, and vendor risk checks can slow everything down just when companies are trying to move faster? In this episode, I sit down with Adam Markowitz, CEO and co-founder of Drata, to talk about why trust has become one of the most important business conversations in tech. Adam brings a fascinating perspective to the table. Before building Drata, he worked on NASA's space shuttle program, and today he leads a company that has grown rapidly by helping organizations rethink compliance, governance, risk, and assurance through automation and AI. What stood out to me in this conversation was how clearly he framed the real issue. Compliance may have been where many companies started, but trust is the bigger story. In a world shaped by cloud services, third party vendors, and constant security scrutiny, old point in time audits and reactive processes are starting to look painfully outdated. We also talked about Drata's acquisition of SafeBase and what that says about the direction of the market. Adam explained how security and GRC teams have too often been treated as back office functions, expected to stay quiet and keep the company out of trouble. But he sees things very differently. He argues that these teams can actively help close deals, accelerate revenue, and remove friction from the buying process. That shift matters because trust now plays a direct role in business growth. If customers can quickly get answers to security questions and understand how a company manages risk, sales cycles move faster and security teams stop being bottlenecks at the final stage of a deal. Another part of the conversation that really stayed with me was Adam's view on AI. He sees it as both a tailwind and a test. AI is helping automate highly manual GRC workflows, improve continuous compliance monitoring, and support newer frameworks tied to AI risk itself. 
At the same time, he is realistic about the pressure this puts on businesses. AI may introduce fresh concerns, but it also shines a harsher light on issues that have been around for years, things like access creep, weak controls, and data integrity problems. That honesty gave this discussion a lot of weight because it moved beyond hype and focused on what companies actually need to do. We also touched on Drata's momentum as a business, from opening a new San Francisco headquarters to expanding globally and moving further into the enterprise market. But even there, Adam kept coming back to culture, discipline, and a deep understanding of the customer problem. For me, that was the thread running through the whole episode. Trust is not a side issue. It is part of how modern companies grow, compete, and prove they can be relied on. If your business still sees compliance as a checkbox exercise or a cost center, this conversation will give you plenty to think about. Where do you see the relationship between trust, security, and growth heading next, and what did this episode make you question about the way your own organization handles compliance? Share your thoughts with me.
Have you ever wondered why "compliance" still gets treated like a slow, spreadsheet-heavy chore, even though the rest of the business is moving at machine speed? In this episode of Tech Talks Daily, I sit down with Matt Hillary, Chief Information Security Officer at Drata, to talk about what actually changes when AI and automation land in the middle of governance, risk, and compliance. Matt brings a rare viewpoint because he lives this day-to-day as "customer zero," running Drata internally while also leading IT, security, GRC, and enterprise apps. We get practical fast. Matt shares how AI-assisted questionnaire workflows can turn a 120-question security assessment from a late-afternoon time sink into something you can complete with confidence in minutes, then still make it upstairs in time for dinner. He also explains how automation flips the audit dynamic by moving from random sampling to continuous, full-population checks, using APIs to validate evidence at scale, without hounding control owners unless something is actually wrong. We also talk about what security leadership really looks like when the stakes rise. Matt reflects on lessons from his time at AWS, why curiosity and adaptability matter when the "canvas" keeps changing, and how customer focus becomes the foundation of trust. That theme runs through the whole conversation, including the idea that the CISO role is steadily turning into a chief trust officer role, where integrity, transparency, and credibility under pressure matter as much as tooling. And because burnout is never far away in security, we dig into the human side too. Matt unpacks how automation can reduce cognitive load, but also warns about swapping one kind of pressure for another, especially when teams get trapped producing endless dashboards and vanity metrics instead of focusing on the few measures that actually reduce risk. 
To wrap things up, Matt leaves a song for the playlist, Illenium's "You're Alive," plus a book recommendation, "Lessons from the Front Lines, Insights from a Cybersecurity Career" by Asaf Karen, which he says stands out for how it treats the human side of security leadership. If you're thinking about modernizing compliance in 2026 without losing the human element, his parting principle is simple and powerful: be intentional, keep asking why, and spend your limited time on what truly matters. So where do you land on this shift toward continuous trust, do you see it becoming the default expectation for buyers and auditors, and what should leaders do now to make sure automation reduces pressure instead of quietly adding more? Share your thoughts with me, I'd love to hear how you're approaching it.
Phrack is legendary. It is the oldest, and arguably the most prestigious, underground hacking magazine in the world. It started in 1985 and is still running today. In this episode we interview the Phrack staff to hear some stories about what it's like running a hacker magazine for 40 years. phrack.org Sponsors: Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Support for this show comes from Drata. Drata is the trust management platform that uses AI-driven automation to modernize governance, risk, and compliance, helping thousands of businesses stay audit-ready and scale securely. Learn more at drata.com/darknetdiaries. This episode is sponsored by Meter, the company building networks from the ground up. Meter delivers a complete networking stack - wired, wireless, and cellular - in one solution that's built for performance and scale. Alongside their partners, Meter designs the hardware, writes the firmware, builds the software, manages deployments, and runs support. Learn more at meter.com.
On today's episode of Caveat, we are joined by Matt Hillary, Chief Information Security Officer at Drata, discussing how AI is reshaping the compliance landscape and what it takes to build trust at AI speed. Ben has the story of Immigration and Customs Enforcement and their extensive use of modern surveillance tools. Dave discusses the Supreme Court's taking of a case involving Facebook tracking pixels and video store rentals. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney. Links to today's stories: ICE Is Going on a Surveillance Shopping Spree Supreme Court to hear Facebook pixel tracking case Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our Caveat Briefing, a weekly newsletter available exclusively to N2K Pro members on N2K CyberWire's website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's Caveat Briefing covers the EU launching an investigation of its own into X after the platform's AI chatbot, Grok, was able to be manipulated into generating non-consensual sexualized images. Alongside the EU's investigation, X is also facing pressures from the UK, France, Indonesia, and Malaysia over this incident. Curious about the details? Head over to the Caveat Briefing for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to caveat@thecyberwire.com. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices
SaaS Scaled - Interviews about SaaS Startups, Analytics, & Operations
Today, we're joined by Adam Markowitz, Co-Founder & CEO at Drata, the leader in AI-native trust management. We talk about: - The good problems that come with hypergrowth - The most critical decision that drives success - Being intentional about culture - The amplification effects of AI – and the risk that presents - Fostering a culture to support the discomfort of rapid growth
The morning after Airbase's sale closed, Aneal Vallurupalli woke up to a very different org chart. Before the deal, roughly a third to almost half of the company reported to him, including onboarding, professional services, account management, customer success, and financial services revenue, he tells us. The day after, those teams rolled into the acquirer and “I have my EA reporting to me. And that was it,” he tells us. It left him thinking, “wait a minute… I'm not making any decisions anymore,” he tells us. That jolt became a pivot point. Rather than chase another title, he went looking for roles where finance could architect the whole engine—customer journey included. It's the same instinct that once led him to peel back Airbase's retention problem: starting with GRR by segment, then listening to Gong calls and mapping every step from contract signature to renewal, he tells us. Retention, he concluded, is almost never a single-issue story. Today, four weeks into his CFO role at Drata, it already feels like “the third quarter operating” there, he tells us. He talks about “ruthless prioritization” as a muscle first trained in high-level tennis and investment banking, where time, not money, was the real constraint. Now he wants finance to be the company's best “so what” team—not just reporting variances, but offering an informed view on what to do next. Even with AI, he is wary of “tool proliferation” and scattered agents, arguing that every business must choose deliberately what sits centrally on its data and what remains at the edge.
In this episode of Chaos to Clarity, Eric Weiss sits down with Daniel Marashlian, Co-Founder and CTO of Drata, one of San Diego's fastest-growing SaaS startups. Daniel shares his 20-year founder journey, from building early web systems after the dot-com crash to co-founding Drata, a company now powering compliance automation for more than 8,000 customers. He opens up about what it takes to scale from a small, scrappy team to 700+ employees — and the hard lessons learned along the way. You'll hear how a painful compliance process in a previous startup inspired Drata's creation, and how Daniel transformed that frustration into a platform that changed how businesses build trust. In this episode: - The early lessons that shaped Daniel's mindset as a founder - How Drata turned compliance from a blocker into a growth engine - Why “build a painkiller, not a vitamin” became his guiding principle - The breaking points that come with hypergrowth — and how to fix them - When to layer, delegate, and hire before you're underwater - How to turn security into a company culture, not a checkbox. Whether you're a founder, CTO, or tech leader scaling fast, Daniel's story shows what it means to build systems, teams, and culture that can withstand rapid growth. Don't forget to subscribe to the Chaos to Clarity Podcast for more invaluable episodes to help you grow your business and stay ahead of the curve! To reach out to Eric, visit https://chaostoclarity.io/
The journey from aerospace engineering at NASA to serial entrepreneur isn't a well-trodden path but it's one that's worked for Adam Markowitz. In this episode of The SaaS Revolution Show, Alex Theuma talks with the Drata Co-founder and CEO about the journey from NASA, to edtech, to Drata and how lessons at each stage led him to the next. From finding product-market fit and executing at speed, to building a culture of trust and timing the market just right, Adam shares the learnings behind Drata's rapid rise from $0-100M ARR in four years. Listen to learn: - How NASA inspired Adam's founder mindset and approach to problem-solving - The “lightning in a bottle” moment that catapulted Drata's product-market fit - How strategy, execution, and timing team became Drata's competitive advantage - Why a partner-led GTM strategy helped Drata scale faster - How AI is transforming compliance and customer expectations in SaaS Guest links: LinkedIn - https://www.linkedin.com/in/markowitzadam/ Website - https://drata.com/ Check out the other ways SaaStock is helping SaaS founders move their business forward:
Tanya Janca is a globally recognized AppSec (application security) expert and founder of We Hack Purple. In this episode, she shares wild stories from the front lines of cybersecurity, from her time as a penetration tester to her work as an incident responder. You can sign up for her newsletter at https://newsletter.shehackspurple.ca/ Sponsors: Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. This episode is sponsored by Hims. Hims offers access to ED treatment options ranging from trusted generics that cost up to 95% less than brand names to Hard Mints, if prescribed. To get simple, online access to personalized, affordable care for ED, Hair Loss, Weight Loss, and more, visit https://hims.com/darknet. Support for this show comes from Drata. Drata is the trust management platform that uses AI-driven automation to modernize governance, risk, and compliance, helping thousands of businesses stay audit-ready and scale securely. Learn more at drata.com/darknetdiaries. View all active sponsors. Books: Alice and Bob Learn Secure Coding by Tanya Janca; Alice and Bob Learn Application Security by Tanya Janca
This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests Jack Kufahl, CISO, Michigan Medicine, and Nick Espinosa, host, The Deep Dive Radio Show. Thanks to our show sponsor, Drata. Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io. All links and the video of this episode can be found on CISOseries.com
Google patches sixth Chrome zero-day exploited in attacks this year; Microsoft to force install the Microsoft 365 Copilot app in October; Two more Scattered Spider teen suspects arrested. Huge thanks to our sponsor, Drata. Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io. Find the stories behind the headlines at CISOseries.com.
Insight Partners warns thousands after ransomware breach; Scattered Spider gang feigns retirement, breaks into bank instead; Consumer Reports calls Microsoft 'hypocritical'. Huge thanks to our sponsor, Drata. Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io.
House lawmakers move to extend two key cyber programs; Apple 0-day likely used in spy attacks affected older devices; Reuters crafts phishing scam with AI chatbot help. Huge thanks to our sponsor, Drata. Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io.
Android moving to “risk-based” security updates; CISA accused of Cyber Incentive mismanagement; How security practitioners use LLMs. Huge thanks to our sponsor, Drata. Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io.
ShinyHunters hits Vietnam National Credit Information Center; HybridPetya is a Petya/NotPetya copycat with UEFI Secure Boot bypass; CISA seeks control over CVE. Huge thanks to our sponsor, Drata. Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn more at SafeBase.io. Find the stories behind the headlines at CISOseries.com.
Most brands talk about standing out. Very few actually do it. The ones that win are the ones willing to take a swing, sometimes even a wild one. That's exactly what GoDaddy did with the “Act Like You Know” campaign, a Super Bowl ad that became a cultural moment because of its boldness. In this episode, we explore the marketing lessons behind it with special guest Sydney Sloan, Chief Marketing Officer at G2. Together, we explore what B2B marketers can learn from emotional storytelling, influencer culture, and why building brand in the age of AI requires creativity, boldness, and a willingness to have a little fun. About our guest, Sydney Sloan: Sydney Sloan is a visionary marketing leader with a track record of driving growth and innovation in the tech industry. As CMO of G2, the world's largest and most trusted software marketplace, Sydney is at the forefront of shaping the company's strategic direction. Sydney previously held CMO roles at compliance automation software company Drata, sales tech leader Salesloft, and cloud content management visionary Alfresco. What B2B Companies Can Learn From GoDaddy's “Act Like You Know” Campaign: Take bold swings. Safe marketing doesn't get noticed. To capture attention, B2B brands have to be willing to step outside the comfort zone and take real creative risks. As Sydney shared, “Take a big swing. Go do something outside of your comfort zone.” Boldness is the difference between blending in and breaking through. Your brand is the moat. With paid tactics getting harder, brand is the lasting advantage. It's not about clicks or keywords anymore. It's about the emotional connection people feel. As Sydney says, “Brand is right. It's the emotional connection that you actually build between a brand, which is not a person… and the audience.” In the age of AI, trust and resonance are the true differentiators. Influencers aren't just for B2C.
Big-budget companies might hire celebrities, but every B2B brand can find ways to put people at the center of their story. It's about connection, not just reach. Sydney explained, “You can still use influencers, you can still have people connecting to people and doing it in creative ways.” In B2B, credibility often comes best through people, not platforms. Quote: “We gotta go back and invest in brand. And what does that mean, and how do I do it? It's not the old playbook. That thing is gone. Display, out the windows. Google search, out the window. We are all at the starting line together. And whoever's the most creative and figures out this new era we're in has an unfair advantage.” Time Stamps: [00:55] Meet Sydney Sloan, CMO at G2 [01:17] Why GoDaddy's “Act Like You Know” Campaign [03:55] The Role of Influencers in B2B Marketing [11:39] The Role of CMO at G2 [13:19] Understanding GoDaddy's “Act Like You Know” Campaign [19:32] B2B Marketing Lessons from GoDaddy's “Act Like You Know” Campaign [33:29] The Power of Creative Marketing [37:50] Final Thoughts and Takeaways Links: Connect with Sydney on LinkedIn; Learn more about G2 About Remarkable!: Remarkable! is created by the team at Caspian Studios, the premier B2B Podcast-as-a-Service company. Caspian creates both nonfiction and fiction series for B2B companies. If you want a fiction series check out our new offering - The Business Thriller - Hollywood style storytelling for B2B. Learn more at CaspianStudios.com. In today's episode, you heard from Ian Faison (CEO of Caspian Studios) and Meredith Gooderham (Head of Production). Remarkable was produced this week by Jess Avellino, mixed by Scott Goodrich, and our theme song is “Solomon” by FALAK. Create something remarkable. Rise above the noise.
All Hieu Minh Ngo wanted was to make money online. But when he stumbled into the dark web, he found more than just opportunity, he found a global dark market. What started as a side hustle turned into an international crime spree. Find Hieu on X: https://x.com/HHieupc. Sponsors: Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Support for this show comes from Drata. Drata is the trust management platform that uses AI-driven automation to modernize governance, risk, and compliance, helping thousands of businesses stay audit-ready and scale securely. Learn more at drata.com/darknetdiaries. This show is sponsored by Red Canary. Red Canary is a leading provider of Managed Detection and Response (MDR), helping nearly 1,000 organizations detect and stop threats before they cause harm. With a focus on accuracy across identities, endpoints, and cloud, we deliver trusted security operations and a world-class customer experience. Learn more at redcanary.com.
What if your engineering team didn't just write code, but owned product discovery, wrote the launch messaging, and handled early sales? In this episode, Michael Grinich, CEO and founder of WorkOS, deconstructs their playbook for collapsing the product/engineering stack: no design leads, only one PM, and engineers who own product end-to-end. Michael breaks down how they teach product thinking, build with deep customer insight, and why his most important job is often to "cut scope." You'll learn how to remove the "lossy translation layers" between teams, build a culture of curiosity and customer obsession, and ship higher-quality products, faster. ABOUT MICHAEL GRINICH: Michael is the founder and CEO of WorkOS, a developer platform that enables companies to become Enterprise Ready through features like Single Sign-On (SAML). Their customers include many of the fastest-growing startups including Webflow, Drata, Loom, and +200 others. Before WorkOS, Michael co-founded Nylas and studied CS at MIT. ToolHive Unlocks the Full Value of MCP & Your AI Agents: So you've invested in AI agents for code generation, but they're limited to experiments or even stuck on the shelf. To do real, valuable work, those AI agents need access to your data and systems. ToolHive helps you confidently connect the pieces by making it simple and secure for you to use the Model Context Protocol (MCP). ToolHive includes a pre-vetted registry of MCP servers, containerizes every MCP server for consistency and leans on built-in security to keep your secrets safe. Leaders trust ToolHive to put MCP into production and put their AI agents to work. ToolHive is open source, so get started for free at toolhive.dev. Join us at ELC Annual 2025: ELC Annual is the premier event for engineering leaders. This is our biggest event of the year: 1,000+ CTOs, VPs & Directors in San Francisco @ ELC Annual 2025 for two days of leadership breakthroughs, tactical peer learning & curated connections!
Apple @ Work is exclusively brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional-grade platform all the solutions necessary to seamlessly and automatically deploy, manage & protect Apple devices at work. Over 45,000 organizations trust Mosyle to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple. In this episode of Apple @ Work, I talk with David Faugno from 1Password about the company's recent announcements at RSAC. Links 1Password Introduces Agentic AI Security for the Next Era of Enterprise Automation 1Password and Drata's Strategic Partnership Closes the Access-Trust Gap with Unified Security and Compliance 1Password Delivers the Next Generation of Access Security with New Extended Access Management Platform Capabilities Listen and subscribe Apple Podcasts Overcast Spotify Pocket Casts Castro RSS Listen to Past Episodes
In this episode of CISO Tradecraft, host G Mark Hardy sits down with Matt Hillary, the Chief Information Security Officer of Drata, to discuss governance, risk, and compliance (GRC) and trust management. They explore key topics such as the evolution of GRC, trust management, compliance automation, and the advent of AI in compliance processes. Matt shares insights on building a world-class GRC program, the challenges and opportunities in modern-day compliance, and the mental health aspects of being a cybersecurity leader. This episode is a must-watch for any cybersecurity professional looking to enhance their GRC strategies and compliance operations. Big Thanks to our Sponsor Drata. You can learn more about them at https://drata.com/ Connect with Matt Hillary at https://www.linkedin.com/in/matthewhillary/ Transcripts - https://docs.google.com/document/d/1VzRQSEvgUwenDERlNn2bwlIpnz4QPQ15/ Chapters 01:39 Meet Matt Hillary: CISO of Drata 06:06 The Evolution of GRC and Trust Management 14:48 Continuous Compliance and Automation 19:26 Compliance as Code: The Future of GRC 22:18 The Importance of Getting It Right the First Time 23:15 Customer Compliance Challenges 24:21 Vendor Risk Management and Trust Building 26:26 Leveraging AI for Compliance and Risk Management 31:43 Evaluating Credibility of Third-Party Evidence 41:09 Common Mistakes in GRC Programs 43:56 Final Thoughts and Industry Call to Action
Don't get duped, doxxed, or drained! In this episode of "Smashing Security" we dive into the creepy world of sextortion scams, and investigate how crypto wallet firm Ledger's Discord server was hijacked in an attempt to phish for cryptocurrency recovery phrases. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus! Don't miss our featured interview with Drata's Matt Hillary. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Ledger secures Discord after hacker bot tried to steal seed phrases - CoinTelegraph. Binance Founder CZ Warns: Ledger Discord Hack Targets Recovery Phrases - CoinPedia. Ledger confirms physical scam letters requesting seed phrase in fake security upgrade - The Block. Physical addresses of 270K Ledger owners leaked on hacker forum - Bleeping Computer. Criminals are mailing altered Ledger devices to steal cryptocurrency - Bleeping Computer. New Hello Pervert Email Attack Warning — ‘I Know Where You Live' - Forbes. ‘Hello pervert': the sextortion scam claiming to have videoed you - The Guardian. "Hello Pervert" Email Is A Total Scam - What You Need To Know - Malware Tips. Scam email sent from my own email address - Microsoft Community. Thunderbolts* review: 'The greatest Marvel offering in years' - BBC. Limelight, Exemplar - BBC Radio 4. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Drata - The world's most advanced Trust Management platform – making risk and compliance management accessible, continuous, and 10x more automated than ever before. Dashlane - Protect against the #1 cause of data breaches - poor password habits. Save 25% off a new business plan, or 35% off a personal Premium plan!
What happens when a seasoned entrepreneur tackles one of the biggest security challenges for startups? Daniel Marashlian, Co-Founder and CTO of Drata, built a billion-dollar company by automating security audits. In this episode, he breaks down compliance headaches, AI's role in security, and why automation is the future. Daniel Marashlian: https://www.linkedin.com/in/danielzev/ Drata: https://drata.com/ Jon McLachlan: www.linkedin.com/in/jon-mclachlan Sasha Sinkevich: www.linkedin.com/in/aliaksandr-sinkevich YSecurity: www.ysecurity.io
Conor Freeman (x.com/conorfrmn) stole money online. Lots of it. In this episode we talk with him, and hear how he did it, why he did, and what he spent it on. Conor's website: https://conorfreeman.ie Conor's X: https://x.com/conorfrmn Sponsors: Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com. Support for this show comes from Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR & many other compliance frameworks, and provides 24-hour continuous control monitoring so you focus on scaling securely. Listeners of Darknet Diaries can get 10% off Drata and waived implementation fees at drata.com/darknetdiaries. Support for this show comes from ZipRecruiter. ZipRecruiter has solved the hiring problem. Employers prefer it the most for so many reasons. Let's start by telling you about their matching technology. They work hard to find the best candidates for your needs, and will instantly show you results once you post a job listing. ZipRecruiter will speed up your hiring process. See it for yourself at www.ziprecruiter.com/DARKNET. Sources: https://www.cbc.ca/news/canada/toronto/kidnapping-toronto-businessman-cryptocurrency-1.7376679 https://www.irishtimes.com/news/crime-and-law/courts/circuit-court/man-jailed-for-role-in-2-million-cryptocurrency-theft-1.4411641 https://www.irishtimes.com/news/crime-and-law/dun-laoghaire-man-could-face-108-year-us-prison-term-over-alleged-hacking-and-wire-fraud-1.3887715 https://www.sundayworld.com/crime/irish-crime/irish-authorities-to-transfer-2m-in-stolen-cryptocurrency-back-to-us-owners-after-cab-probe/40576219.html
In this episode, Morgan shares her unique approach to categorizing deals and emphasizes the importance of a robust pipeline. She talks about her successful collaboration with her SDR, her disciplined sales strategy, and her innovative use of tools like Crossbeam and Gong. Morgan also highlights the critical roles of relationship building and trust, both within the sales team and with clients, stressing the importance of in-person interactions, even in our increasingly virtual world. Learn more at top1.fm/184
As enterprises look to harness data that stems and flows through diverse and dispersed source and end-points, robust practices around storing, processing, access, availability, reliability and security need to be ensured, driving demand for compliance-automation platforms. In this episode of the Tech Disruptors podcast, Drata CEO Adam Markowitz joins Sunil Rajgopal, senior software analyst at Bloomberg Intelligence, to discuss the security and compliance-automation product landscape, the potential market opportunity and growing role of AI. The two also talk about Drata's product journey, go-to-market strategy and customer expansion.
In this exciting episode we sit down with Taylor, founder of Eden Data, to discuss his incredible pivot from corporate life to entrepreneurship. Taylor shares the bold decision to quit his job just before the pandemic hit, leading him to turn to Upwork. From gamifying client acquisition to navigating the challenges of scaling a bootstrapped startup, Taylor reveals the highs and lows of his journey. Tune in to hear how he built a successful cybersecurity company, all while staying grounded with lessons on growth, community, and the importance of setting your own scoreboard. About our speaker: Taylor Hersom is the Founder and CEO of Eden Data, the leading cybersecurity firm from SOC 2 to IPO. The Texas-native Deloitte-veteran has built Eden Data into a team of 30+ ex-Big 4 security advisors with 200+ clients including Zendesk and Kindbody. The firm is the back-to-back winner of Drata's Partner-of-the-Year award. This episode is brought to you with support from Netsuite. Learn more at Netsuite.com/scale --- Support this podcast: https://podcasters.spotify.com/pod/show/uncharted1/support
Summary: Lucas Price interviews seasoned sales leader Adam Aarons, renowned for his tenure as CRO at Okta and his roles at companies like BladeLogic and Drata. They dig into strategies for building elite sales teams, focusing on effective sales processes, operational visibility, and continuous enablement. Adam shares insights on navigating new market segments, the significance of discovery, and the importance of structured sales methodologies. Additionally, he offers tips on hiring the right talent and leveraging mentorship. This episode is packed with actionable advice for sales leaders aiming to drive high performance in their teams. Takeaways: Operational Visibility: Establishing a strong operations framework is vital for early detection of potential pitfalls in your sales strategy. Continuous Enablement: Constantly iterating and improving your team's skills and processes is key to maintaining high performance. Role of a Champion: Differentiate between a true champion, who has power and influence, and a coach, who merely advises without substantial impact. Focused Discovery: Effective discovery involves understanding the prospect's core problems and why they should act now and choose your solution. Hiring Principles: Look for intelligence, coachability, drive, and will in potential hires to form a resilient and high-performing sales team. Learn More: https://www.yardstick.team/ Connect with Lucas Price: linkedin.com/in/lucasprice1 Connect with Dr. Jim: linkedin.com/in/drjimk Connect with Adam Aarons: linkedin.com/in/adam-aarons-438111 Mentioned in this episode: BEST Outro
In this episode of "Women in B2B Marketing," host Jane Serra chats with B2B rockstar Sydney Sloan, CMO of Drata, about the power of personal branding and networking for career advancement. Sydney also shares her B2B marketing journey, emphasizing the need to understand the market and be passionate about solving customer problems. She advises listeners on building networks, engaging with industry influencers, and the steps to transition into advisory and board roles. Sydney walks us through: the importance of personal branding and its impact on career growth; her journey in B2B marketing and transitioning into tech; building a strong professional network and engaging with industry influencers; tips for effective networking, making relevant connections, and the importance of being prepared for mentoring sessions; exploring career goals and the value of seeking advice from multiple sources; overcoming discomfort in networking situations and the importance of putting oneself out there; transitioning into advisory and board roles; navigating the competitive job-seeking landscape; asking the right questions when looking for a new role to ensure the fit is right, and the value of regularly assessing if the role still feels right; understanding one's worth and leveraging networks for job opportunities. Key Links: Guest: Sydney Sloan - https://www.linkedin.com/in/sydsloan/ Host: Jane Serra - https://www.linkedin.com/in/janeserra/ Women in Revenue - https://womeninrevenue.org/ Breaking the Tech Ceiling - https://www.breakingthetechceiling.com/
In this episode, we interview Elliot Volkman, the Marketing Director at Drata and host of the "Adopting Zero Trust" and "Mastering the Art of Failing" podcasts. Elliot brings a unique blend of journalism background and marketing expertise, particularly in the cybersecurity domain, to discuss enhancing brand identity through internal thought leadership. What you'll learn in this episode: How to identify and elevate internal experts to enhance brand visibility and authenticity. Strategies for creating a more relaxed and genuine content environment that reflects your brand's true ethos. Insights into balancing professionalism with personality to engage audiences more effectively. Techniques for leveraging AI to augment content creation without losing the human touch.
Today we're talking to Gil Feig, Co-Founder at Merge, and Daniel Marashlian, Co-Founder & CTO at Drata. Gil and Daniel explore automating compliance, enhancing SaaS support, and the art of building high-EQ tech teams. Their conversation is a roadmap for aspiring CTOs, emphasizing innovation and strategic partnerships. A must-listen for those navigating the tech startup ecosystem. All of this right here, right now, on the Modern CTO Podcast! To learn more about Merge, visit their website here. To learn more about Drata, visit their website here. Have feedback about the show? Let us know here. Produced by ProSeries Media. For booking inquiries, email booking@proseriesmedia.co
The #1 crime which results in the biggest financial loss is BEC fraud. The #2 crime is pig butchering. Ronnie Tokazowski https://twitter.com/iHeartMalware walks us through this wild world. Sponsors Support for this episode comes from NetSuite. NetSuite gives you visibility and control of your financials, planning, budgeting, and of course - inventory - so you can manage risk, get reliable forecasts, and improve margins. NetSuite helps you identify rising costs, automate your manual business processes, and see where to save money. KNOW your numbers. KNOW your business. And get to KNOW how NetSuite can be the source of truth for your entire company. Visit www.netsuite.com/darknet to learn more. Support for this show comes from Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR & many other compliance frameworks, and provides 24-hour continuous control monitoring so you focus on scaling securely. Listeners of Darknet Diaries can get 10% off Drata and waived implementation fees at drata.com/darknetdiaries. This show is sponsored by Shopify. Shopify is the best place to go to start or grow your online retail business. And running a growing business means getting the insights you need wherever you are. With Shopify's single dashboard, you can manage orders, shipping, and payments from anywhere. Sign up for a one-dollar-per-month trial period at https://shopify.com/darknet. Learn more about your ad choices. Visit podcastchoices.com/adchoices
Jake Seid is the Co-Founder and General Partner at Ballistic Ventures, a VC firm focused on early-stage cybersecurity and security-related venture investments, with a debut fund of $300M. Before working at Ballistic, Jake was a Managing Director at Lightspeed Venture Partners and founder and Managing Director at Stone Bridge Ventures—his portfolio includes Blend, Brex, Bolt, Abnormal Security, Carta, Cresta.ai, Drata, and more. You can learn more about: Investing trends in the cybersecurity space Starting and building a successful fund How to attract the best founders ===================== YouTube: @GraceGongCEO Newsletter: @SmartVenture LinkedIn: @GraceGong TikTok: @GraceGongCEO IG: @GraceGongCEO Twitter: @GraceGongGG ===================== Join the SVP fam with your host Grace Gong. In each episode, we are going to have conversations with some of the top investors, superstar founders, as well as well-known tech executives in silicon valley. We will have a coffee chat with them to learn their ways of thinking and actionable tips on how to build or invest in a successful company.
Sales leaders often diligence the CEO, but they quickly realize they should've done the same for the CMO. Same for the other way around. It's a topic not even Mark has yet to fully codify. Host Mark Roberge is joined by Sydney Sloan (CMO, Drata) and Adam Aarons (CRO, Drata) to discuss how the two navigated their way into a unicorn-worthy partnership. They'll talk about: The importance of marketing and sales alignment How to evaluate potential team members when joining a company Back channelling for honest feedback Why go-to-market alignment is so important for team dynamics The Science of Scaling is a HubSpot Original Podcast // Brought to you by The HubSpot Podcast Network in collaboration with HubSpot For Startups // Produced by Matthew Brown.
Have you ever heard of trenches within a startup? Maybe you're in the midst of them currently. Either way, in this episode, we dive into the dynamic world of startups, growth, and the intriguing synergy between sales and marketing. We'll discuss the bonds that form during the scrappy startup grind and how these connections can shape your journey and lead to remarkable insights. Our guest, Adam Aarons, Chief Revenue Officer at Drata, spills the secrets of successful sales and marketing collaboration within the startup world. Because in the trenches of startups, where growth and innovation collide, it's the collaboration and connections between sales and marketing that lead to success. To hear more from Adam, tune in to this week's episode. Resource: FounderJar
Mix TikTok with facial recognition, and you've got a doxxing nightmare, T-Mobile users report bizarre behaviour in their accounts, and a Windows flaw provides a new means of infecting users. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Paul Ducklin. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: T-Mobile customer reports privacy breach - Twitter. T-Mobile US exposes some customer data – but don't call it a breach - The Register. T-Mobile denies new data breach rumors, points to authorized retailer - Bleeping Computer. Connectivity Source - Despite appearances, don't confuse it with T-Mobile. ThemeBleed exploit is another reason to patch Windows quickly - MalwareBytes. If I Embarrass My Baby on TikTok, Will He Stay My Baby Forever? - New York Times. They Gossiped At Brunch. Now There's a Mob After Them - Rolling Stone. The End of Privacy is a Taylor Swift Fan TikTok Account Armed with Facial Recognition Tech - 404 Media. Egg crack challenge, the last baby is so cute - YouTube. Trailer for “The Deepest Breath” - YouTube. “The Deepest Breath” - Netflix. Nitpick: Meaningless communications. Naked Security. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Device Trust for Okta. Watch the demo today! Gigamon – Download the Gigamon Hybrid Cloud Security Survey to learn about the hidden dangers of encrypted traffic. Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees...
This week on Hacker And The Fed new cyber security labels proposed by the US government could help us buy our new devices, an employee exposes thousands of intelligence and defense employees, Google may be restricting internet access to some employees to reduce their cyber attack risk, a hacker infects his own computer, and Google says an Apple employee found a zero-day but didn't report it, and we answer listener questions about our phones getting searched and email encryption. Links from the episode: White House teams with Amazon, Google and Qualcomm on cybersecurity labels for gadgets https://www.cnbc.com/2023/07/18/us-cyber-trust-labels-will-help-consumers-pick-safer-smart-devices.html Google exposes intelligence and defense employee names in VirusTotal leak https://therecord.media/virustotal-user-email-addresses-leaked-google-military-intelligence Google restricting internet access to some employees to reduce cyberattack risk https://www.cnbc.com/2023/07/18/google-restricting-internet-access-to-some-employees-for-security.html Black Hat Hacker Exposes Real Identity After Infecting Own Computer With Malware https://www.securityweek.com/black-hat-hacker-exposes-real-identity-after-infecting-own-computer-with-malware/ IT Security Analyst Jailed for Impersonating as a Hacker in Own Company https://cybersecuritynews.com/it-security-analyst-jailed/ Google says Apple employee found a zero-day but did not report it https://techcrunch.com/2023/07/20/google-says-apple-employee-found-a-zero-day-but-did-not-report-it/ https://news.ycombinator.com/item?id=36803537 Microsoft Cybersecurity Analyst Professional Certificate https://www.coursera.org/professional-certificates/microsoft-cybersecurity-analyst Cybersecurity Expert Kevin David Mitnick died https://www.dignitymemorial.com/obituaries/las-vegas-nv/kevin-mitnick-11371668 Listener Questions: https://www.theverge.com/2021/8/18/22630439/apple-csam-neuralhash-collision-vulnerability-flaw-cryptography Support our sponsors: 
Go to JoinDeleteMe.com/FED and use the code FED20 for 20% off Go to drata.com/partner/hacker-fed and get 10% off Drata and waived implementation fees Get your Hacker and the Fed merchandise at hackerandthefed.com
Former Prime Minister Boris Johnson wants to hand over his WhatsApp messages - or does he? And a couple of fun-loving girls from Aberdeen have come up with a sinister twist on sextortion scams. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley (from a mystery location) and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: The UK Covid-19 Inquiry. Court orders ministers to hand Boris Johnson's WhatsApps to Covid inquiry - The Guardian. Boris Johnson ‘has forgotten' passcode for phone wanted by Covid inquiry - The Guardian. The Lockdown Files: Matt Hancock rejected expert advice on care home testing, WhatsApp messages reveal - The Telegraph. Boris Johnson's Personal Phone Number Has Been Hiding in Plain Sight Online For 15 Years - Vice. Party girls netted £120,000 from terrified men in ‘sextortion' scam - The Times. Exclusive: Women posed as underage girls to blackmail men out of nearly £122000 - Press and Journal. Musicless music video of Lionel Richie's “Hello” - YouTube. Musicless music video of Rolling Stones performing live in 1964 - YouTube. Intrigue: Burning Sun - BBC podcast. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Device Trust for Okta. Watch the demo today! Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via
This week on Hacker And The Fed you can't always count on Google for the right telephone number for an airline, an American cloud based directory as a service platform announces that they were hacked by a state sponsored threat actor, millions of US military emails may be ending up in the wrong hands, a new ransomware looks like a windows update, we answer listener questions, and Hector tells a fascinating story about a hacking methodology. Links from the episode: Airline Fake Contact Number on Google Maps https://twitter.com/Shmuli/status/1680669938468499458 https://twitter.com/SwiftOnSecurity/status/1680926780599812098 JumpCloud discloses breach by state-backed APT hacking group https://www.bleepingcomputer.com/news/security/jumpcloud-discloses-breach-by-state-backed-apt-hacking-group/ JumpClouds IOCs - https://jumpcloud.com/support/july-2023-iocs Domains like army․ml, pentagon․ml, navy․ml and af․ml all have Mail Exchange records pointing to 'handle․catchemail․ml' https://twitter.com/mikko/status/1680947795862200325 Watch out for this new malicious ransomware disguised as Windows updates https://www.foxnews.com/tech/watch-out-new-malicious-ransomware-disguised-windows-updates https://www.trendmicro.com/en_id/research/23/g/tailing-big-head-ransomware-variants-tactics-and-impact.html Listener Questions https://www.lsu.edu/mediacenter/news/2023/06/13-cyber-clinic.php Support our sponsors: Go to JoinDeleteMe.com/FED and use the code FED20 for 20% off Go to drata.com/partner/hacker-fed and get 10% off Drata and waived implementation fees Get your Hacker and the Fed merchandise at hackerandthefed.com
Going for a jog can be bad for your privacy (but even worse for your health), and Britain's consumer finance champion finds his face is being faked. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Russian commander shot dead after posting runs on Strava running app - Kyiv Post. Martin Lewis felt 'sick' seeing deepfake scam ad on Facebook - BBC News. How synthetic media, or deepfakes, could soon change our world - 60 Minutes on YouTube. Nicki Minaj wants to delete the “whole internet” after viral AI deepfake video - Technology Inquirer. Fears grow of deepfake ID scams following Progress hack - Ars Technica. “Deep Fake Neighbour Wars”: ITV's comedy shows how AI can transform popular culture - The Conversation. ”My Old School” - BBC Scotland. ”My Old School” trailer - YouTube. MP doesn't know whether she attended Downing St Party - YouTube. ”Non-Censored” with Rosie Holt podcast - Audioboom. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Kolide - Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Device Trust for Okta. Watch the demo today! Sysdig - Is your cloud secure? Not without runtime insights! Sysdig delivers the industry's ONLY complete, consolidated Cloud-Native Application Protection Platform (CNAPP) - powered by runtime insights - to prioritize critical risks and stay ahead of unknown threats. Learn how runtime insights reduces fatigue so developers can focus on delivering software and your security teams can focus on other demands. Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on
This week on Hacker And The Fed your lightbulbs may be giving away the location of your house, could Microsoft end ransomware right now? Also, voice authentication may be broken, the latest ransomware attack shows us the importance of logistics security, convenience has once again jeopardized Google Authenticator security, and a listener shares a wild car theft story. Links from the episode: Your lightbulbs may be giving out your exact location twitter.com/haxrob/status/1676416949499338752 Microsoft Can Fix Ransomware Tomorrow darkreading.com/vulnerabilities-threats/microsoft-can-fix-ransomware-tomorrow Cybercriminals can break voice authentication with 99% success rate helpnetsecurity.com/2023/07/06/voice-authentication-insecurity/ INTERPOL Nabs Hacking Crew OPERA1ER's Leader Behind $11 Million Cybercrime thehackernews.com/2023/07/interpol-nabs-hacking-crew-opera1ers.html Japan's biggest port, Nagoya, hit by suspected cyberattack asia.nikkei.com/Business/Technology/Japan-s-biggest-port-Nagoya-hit-by-suspected-cyberattack Raising concerns over Google Authenticator's new features techradar.com/pro/raising-concerns-over-google-authenticators-new-features Trinidad and Tobago facing outages after cyberattack therecord.media/trinidad-tobago-hit-with-cyberattack Listener Questions ksltv.com/563455/police-release-images-of-suspect-who-broke-into-familys-car-at-airport-then-their-home/ Support our sponsors: Go to JoinDeleteMe.com/FED and use the code FED20 for 20% off. Go to drata.com/partner/hacker-fed and get 10% off Drata and waived implementation fees.
There's some funny business going on on Google, and Zuckerberg's $14 billion bet on the metaverse is beginning to look a little childish... All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude language. Episode links: Google sues alleged scammer over fake business and review scheme - The Verge. Meta to Lower Age for Users of Virtual Reality Headset to 10 From 13 - New York Times. Introducing New Parent-Managed Meta Accounts for Families - Meta Blog. Keep Connected - ages 10–14 - Keep Connected. The Metaverse Police: A VR content moderator shares his insights - Mixed News. “Untold: The Girlfriend Who Didn't Exist” - Netflix. Tommy Siegel - Some candy hearts comics I drew, a thread - Twitter. Smashing Security merchandise (t-shirts, mugs, stickers and stuff). Sponsored by: Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing. Kolide – Kolide ensures that if your device isn't secure it can't access your cloud apps. It's Zero Trust for Okta. Watch a demo today! Drata – With over 14 frameworks including SOC2, GDPR, HIPAA, and ISO 27001, Drata gets you audit-ready for crucial security standards needed to scale your business. As a listener to Smashing Security you can save 10% off Drata and have implementation fees waived. SUPPORT THE SHOW: Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser. Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed! FOLLOW US: Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the
Deviant Ollam is a physical penetration specialist. That means he's paid to break into buildings to see if the building is secure or not. He has done this for a long time and has a lot of tricks up his sleeve to get into buildings. In this episode we hear 3 stories of him breaking into buildings for a living. You can find more about Deviant on the following sites: https://twitter.com/deviantollam https://www.instagram.com/deviantollam https://youtube.com/deviantollam https://defcon.social/@deviantollam https://deviating.net/ Sponsors: Support for this show comes from ThreatLocker. ThreatLocker has built-in endpoint security solutions that strengthen your infrastructure from the ground up with a zero trust posture. ThreatLocker's allow-listing gives you a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker provides zero trust control at the kernel level. Learn more at www.threatlocker.com. This show is sponsored by Packetlabs. They've created the Penetration Testing Buyer's guide - a comprehensive resource that will help you plan, scope, and execute your Penetration Testing projects. Inside, you'll find valuable information on frameworks, standards, methodologies, cost factors, reporting options, and what to look for in a provider. https://guide.packetlabs.net/. Support for this show comes from Drata. Drata streamlines your SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR & many other compliance frameworks, and provides 24-hour continuous control monitoring so you focus on scaling securely. Listeners of Darknet Diaries can get 10% off Drata and waived implementation fees at drata.com/darknetdiaries. Learn more about your ad choices. Visit podcastchoices.com/adchoices