Most orgs have a major blind spot: the browser. This week on Defender Fridays, we're joined by Cody Pierce, Co-Founder and CEO at Neon Cyber, to discuss why browser security remains a critical gap, from sophisticated phishing campaigns that bypass traditional controls to shadow AI tools operating outside your security perimeter.

Cody began his career in the computer security industry twenty-five years ago. The first half of his journey was rooted in deep R&D for offensive security, and he had the privilege of leading great teams working on elite problems. Over the last decade, Cody has moved into product and leadership roles that allowed him to focus on developing and delivering innovative and differentiated capabilities through product incubation, development, and GTM activities. Cody says he gets the most joy from building and delivering products that bring order to the chaos of cyber security while giving defenders the upper hand.

About This Session
This office hours format brings together the LimaCharlie team to share practical experiences with AI-powered security operations. Rather than theoretical discussions, we demonstrate working tools and invite the community to share their own AI security experiments. The session highlights the rapid evolution of AI capabilities in cybersecurity and explores the changing relationship between security practitioners and automation.

Register for Live Sessions
Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.
Register here: https://limacharlie.io/defender-fridays
Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!

Sponsored by LimaCharlie
This episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.

Why LimaCharlie?
Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.
Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.
Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.
Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.
Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.
Try the Agentic SecOps Workspace free: https://limacharlie.io
Learn more: https://docs.limacharlie.io

Follow LimaCharlie
Sign up for free: https://limacharlie.io
LinkedIn: / limacharlieio
X: https://x.com/limacharlieio
Community Discourse: https://community.limacharlie.com/
Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. Researchers at Trend Micro have uncovered continued activity from China-aligned threat actors leveraging a cross-platform JavaScript-based command-and-control framework known as "PeckBirdy". Silent Push has identified an extensive phishing campaign targeting over 100 organizations, attributed to the threat actor group ShinyHunters. A malicious Visual Studio Code extension impersonating an AI coding assistant for Moltbot has been discovered distributing malware via the official VS Code Extension Marketplace. Dragos has attributed the December 2025 cyberattack on the Polish power grid to the Russian state-sponsored group known as ELECTRUM, with medium confidence. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Join us for a special Defender Fridays Office Hours session where the LimaCharlie team demonstrates the new Agentic SecOps Workspace (ASW) and explores what's possible when AI agents operate security infrastructure directly.

At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

What We'll Discuss
In this hands-on session, we showcase real working implementations of AI in cybersecurity operations. From reverse engineering malware to automated rule tuning and infrastructure management, we demonstrate how AI agents are transforming security workflows from concept to production-ready tools in hours instead of days.

Key Topics
Automated malware analysis and decompilation without traditional manual reverse engineering workflows
Rule tuning at scale: Investigating noisy detections, writing false positive rules, and deploying them autonomously
Infrastructure automation: Setting up data sources, configuring tenants, and managing security operations through AI agents
The permission model: Balancing AI capability with human oversight and approval workflows
Real-world applications: Custom reporting, detection coverage analysis, and operational time savings

About This Session
This office hours format brings together the LimaCharlie team to share practical experiences with AI-powered security operations. Rather than theoretical discussions, we demonstrate working tools and invite the community to share their own AI security experiments. The session highlights the rapid evolution of AI capabilities in cybersecurity and explores the changing relationship between security practitioners and automation.

Register for Live Sessions
Join us every Friday at 10:30am PT for live, interactive discussions with industry experts.
In this special episode of The Cybersecurity Defenders Podcast, a panel of cybersecurity experts discuss the irreversible changes AI has brought to the industry. This panel originally aired on January 20th, 2026.

The panel attendees include:
Christopher Luft (host) - Co-Founder / CCO, LimaCharlie
Maxime Lamothe-Brassard - Founder / CEO, LimaCharlie
Eric Capuano - Co-Founder, Digital Defense Institute
Joshua Neil - Co-Founder, Alpha Level
Kris Merritt - Advisor
Daniel Lees - Sr Staff Cloud Security Architect, Google

LimaCharlie has watched the AI SOC conversation unfold and stayed quiet. Until now.

Security vendors are racing to attach chatbots to legacy platforms and call it innovation. AI SOC startups have raised hundreds of millions to build better alert triage. Both approaches solve the same narrow problem: helping analysts click faster.

Service providers managing hundreds or thousands of tenants face a different reality. Alert triage matters, but so does deployment, configuration, detection engineering, reporting, and onboarding. The tedious work that eats margin and slows growth spans the entire operation.

What if AI could operate your entire security infrastructure with the same access as your best analyst?

We built LimaCharlie for complete programmatic access from day one. We were building for AI operators before AI operators existed. On January 20th, we'll show you what happens when AI agents can do everything in a security platform, across every tenant, through natural language.

No marketing theater. Just real conversations and a demonstration of AI-driven security operations where you stay in control.

Learn more at https://limacharlie.io/
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. North Korean threat actors are targeting macOS software developers in a new malware campaign that abuses Visual Studio Code (VS Code) configurations to deliver JavaScript-based backdoors, according to research from Jamf. Sinkholes are usually seen as the end of a malicious campaign - the point where domains are seized and abuse stops. China's pen-testing and red-team ecosystem has always been hard to observe, especially since many teams stopped participating in international CTFs post-2018. A critical zero-day vulnerability, CVE-2025-64155, has been discovered in Fortinet's FortiSIEM platform by Horizon3.ai, allowing unauthenticated remote code execution and privilege escalation to root. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. Security researchers at Check Point have uncovered a previously unknown Linux malware framework named VoidLink, which stands out for its complexity and modular design. Researchers at Trend Micro have identified a new phishing campaign that combines legitimate services and open-source tools to distribute AsyncRAT, a commodity remote access trojan. New research into Predator spyware reveals a deeper level of sophistication and operational intelligence than previously understood. The widespread adoption of AI agents in enterprise environments is creating a new class of identity and access control risks, as highlighted in a new report from The Hacker News. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. A newly disclosed vulnerability in the workflow automation platform n8n, tracked as CVE-2026-21858 and rated CVSS 10.0, allows unauthenticated remote attackers to fully compromise exposed instances. Two malicious Chrome extensions impersonating a legitimate product from AITOPIA were found exfiltrating sensitive user data, including full AI chat histories, according to a report from OX Security. The recent U.S. military operation in Venezuela that led to the capture of President Nicolás Maduro may have included cyber operations, but official confirmation of cyber's role remains ambiguous. Two U.S. citizens with professional backgrounds in cybersecurity have pleaded guilty to acting as affiliates of the ALPHV/BlackCat ransomware group, a prominent ransomware-as-a-service (RaaS) operation. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
On this episode of The Cybersecurity Defenders Podcast we're starting the new season off with the hottest topic of 2025: AI. Sitting down with Maxime Lamothe-Brassard, Founder and CEO of LimaCharlie, we discuss the ways AI has rapidly changed how companies are building security tools.

Join an in-depth discussion January 20, 2026 and witness LimaCharlie's fundamentally different approach to AI-powered security operations. Your security operations will never be the same: https://www.linkedin.com/events/7401665070889545728/

Maxime Lamothe-Brassard began his cybersecurity career at the Canadian Department of National Defense before providing direct assistance to organizations facing cyber defense challenges. His career includes key roles at CrowdStrike and Google, as well as being part of Chronicle Security's founding team, ultimately leading him to establish LimaCharlie to revolutionize security operations infrastructure.

Support our show and share your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Shelly Palmer has spent 45 years watching technology reshape every industry—from writing news themes for CBS to consulting with every major media company on AI strategy. On this year-end recap, he cuts through the noise with one devastating observation: 2025 was the year everyone talked about AI while almost nobody actually used it. Executives shook their heads knowingly in meetings, pontificated about capabilities the models don't yet have, and parroted nonsense they read from other people who knew nothing. But when you asked one innocent question, they crumbled.

In the News: CES 2026 shapes up with Nvidia sponsoring two full days of AI training. Samsung is skipping the main floor for a massive offsite activation. Sony brings no electronics—only Honda's experimental vehicles. The TCL and Chinese companies' presence hinges on tariff policy. The innovation series breakfast that Shelly runs is becoming an official CES event after a decade of independence.

The conversation spirals into deeper territory: $3 trillion in government money is stacked behind AI development. The U.S. explicitly states it must beat China to AGI—making this the Manhattan Project of our lifetime. Shelly walks through what he's seen in successful companies (leadership using the tech, paid "Tech Tuesdays" for AI experiments, cross-discipline teams with SecOps and legal at the table) versus the chaos of places with no process. He breaks down what's real—drone warfare, cybersecurity applications, robotics—versus what's hot air. And he makes a case that won't be killed by AI itself, but by militarized applications and the geopolitical arms race we're already in.

5 Key Takeaways from Shelly:
Leadership belief and hands-on use are non-negotiable. Companies winning with AI have senior leaders who actually use the technology. When the CEO walks into an LT meeting saying "I built this agent over the weekend," everyone else starts experimenting too.
The recipe for AI success has three ingredients: leadership belief, paid time to experiment (Tech Tuesdays/Thursdays with real budgets), and cross-discipline teams (SecOps, legal, compliance, risk) paving the way. Chaos erupts without this structure.
You cannot build a point of view on AI from reading blogs or watching YouTubers. Pick a personal project you care about, go hands-on with a model (Claude, Gemini, GPT), and complete it from beginning to end. Only lived experience grounds your understanding.
AI parallelizes with web 1.0: In 1998, you had to hand-code HTML, build databases manually, write raw JavaScript. Today you can vibe code a site in 90 seconds. AI will eventually reach "spin me up an expert that does X" without asking questions—we're not there yet, but it's inevitable.
It's both bubble and Manhattan Project. Some valuations are insane and will burst. But military applications, cyber warfare, drone control, robotics—those aren't going anywhere. The government won't back off. Both outcomes happen simultaneously.

This episode is brought to you by Zappar, creators of Mattercraft—the leading visual development environment for building immersive 3D web experiences for mobile headsets and desktop. Mattercraft combines game engine power with web flexibility and features an AI assistant to help you design, code, and debug in real time in your browser. Build smarter at mattercraft.io.

See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
From SHIFT by Commvault New York, I sat with Christopher Mierzwa on culture, clarity, and execution!!!!

What you will get
• Real takeaways from his panel
• Why people, mindset, and culture decide security outcomes
• Practical advice for leaders, CISOs, and CIOs

Highlights
• Culture beats tools when pressure hits. If teams do not trust each other, runbooks stall.
• Mindset sets the tone. Treat incidents as system problems, not hero moments.
• Practice builds confidence. Short drills with clear ownership move every metric that matters.

Advice from Chris
• Start with people. Define roles, practice handoffs, review the tape after every drill.
• Build muscle memory. Run small, frequent exercises across IT, SecOps, and the business.
• Keep the board close. Explain risk in plain language and track progress like product work.

My take
Security is a team sport. The best programs invest in culture first, then controls.

#data #ai #cloud #security #cybersecurity #recovery #resilience #commvault #shift2025 #shift #theravitshow
On this episode of The Cybersecurity Defenders Podcast, we revisit the 2025 predictions shared by our guests throughout the year. From attackers and defenders to AI and the broader security industry, these forecasts capture what experts expected was coming next. Rather than judging accuracy - which is still too early to assess - we're examining the predictions themselves: where they aligned, how they clustered, and what those patterns reveal about the industry's mindset as this year came to a close. Free from hindsight bias, this episode explores what remained uncertain as we entered 2026.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
As we approach 2026, the promise of artificial intelligence across Southeast Asia and Hong Kong is palpable, driven in part by aspirations for unparalleled efficiency and innovation. Yet, for AI to truly deliver on this promise for business leaders, a critical threshold of trust and security must be crossed. The emergence of agentic AI—autonomous systems that can act, access data, and execute tasks—represents both the pinnacle of this potential and its greatest peril. With the region's rapid digital acceleration and complex regulatory tapestry, securing these agents from large-scale data breaches and operational disruption is no longer a future consideration; it is the definitive security mandate for 2026. The journey from hype to secured value depends on the governance, design, and vigilance we enact today.

FutureCISO spoke to Ray Canzanese, director of Netskope Threat Labs, about the things that need to happen for AI to deliver on its promises in 2026.

Questions:
1. What is the most interesting observation you've seen in 2025?
2. As ASEAN releases its AI Guide and regional regulations evolve, what should be the priority for a CISO building a governance framework for agentic AI in 2026?
3. Why does agentic AI fundamentally change the cyber risk profile for an organisation, and how does this exacerbate threats in our interconnected Southeast Asian business landscape?
4. You've suggested the first major agentic AI-driven data breach could occur in 2026. What might a typical attack chain look like, targeting a poorly secured agent in a multinational based in Singapore or Hong Kong?
5. The principle of least privilege is challenging with dynamic AI agents. What are the practical steps for security leaders to implement effective permission models without stifling innovation?
6. How can frameworks like the Model Context Protocol (MCP) be leveraged to enforce a 'security-by-design' approach for AI agents, and is the industry in our region adopting them quickly enough?
7. With organisations here often using a mix of global and local AI providers, how should we approach the unique third-party and supply chain risks introduced by agentic AI ecosystems?
8. Beyond technical controls, what changes in day-to-day security operations (SecOps) are needed to monitor and respond to anomalous agent behaviour in real-time?
9. How can CISOs effectively communicate the tangible business risks—and secured value—of agentic AI to boards, CFOs, and COOs who are eager for competitive advantage?
10. Looking ahead to 2026, what one metric will indicate that an organisation in our region has successfully secured its agentic AI initiatives and is ready to scale?
On this episode of The Cybersecurity Defenders Podcast we speak with Rebekah Skeete, Executive Director and CEO of BlackGirlsHack Foundation. Rebekah dives into how BGH is helping to increase diversity in cybersecurity by bridging the gap between what is taught in educational institutions and what is necessary for careers in cybersecurity.

For more information visit: https://www.blackgirlshack.org/Home

Rebekah Skeete is a Security Engineer with Schellman based in Dallas, Texas. As a member of the Infrastructure and Security team, Rebekah is part of a collaborative group of technology professionals serving as the primary technical resource to safeguard the organization's computer networks and systems. In her role, she is responsible for planning and carrying out security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks. Prior to joining Schellman in 2022, Rebekah worked for the Texas Rangers in a myriad of roles, including Cybersecurity Analyst and Manager of IT Applications and Operations. During the construction of the Rangers' new state-of-the-art ballpark, Globe Life Field, Rebekah assisted the Rangers IT department's efforts to transition over 200 front office employees to their new workspaces. Outside baseball and IT, Rebekah is also interested in politics and started volunteering for campaigns in 2008. From 2013-2016, she served as a Campaign Manager in the Dallas-Fort Worth area. In 2015, she attended the Women's Campaign School at Yale. Rebekah is the COO of BlackGirlsHack, a nonprofit organization providing black women with resources, training, mentoring, and access to increase representation and diversity in the cybersecurity field. Committed to inclusion and belonging, she holds the firm belief that representation enhances the culture and community of an organization and seeks to amplify underserved voices at any table she has a seat.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. For more information about Cybersecurity Cares, visit cybersecurity-cares.com. React2Shell is the latest high-profile vulnerability in the web application landscape, scoring a critical CVSS 10.0 and drawing immediate comparisons to Log4Shell. Researchers at Noma Labs disclosed a critical vulnerability in Google's Gemini Enterprise AI assistant, dubbed GeminiJack, that allowed attackers to stealthily exfiltrate sensitive enterprise data. U.S. prosecutors have charged Victoria Eduardovna Dubranova, a 33‑year‑old Ukrainian woman, in two separate indictments for her alleged involvement with pro‑Russia hacktivist groups CyberArmyofRussia_Reborn and NoName057(16). A China-aligned threat actor identified as Warp Panda has been linked to recent compromises of VMware vCenter environments at U.S.-based organizations, according to a new report from CrowdStrike. Original CrowdStrike article. CISA BRICKSTORM Backdoor breakdown. Analysis report. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
On this episode of The Cybersecurity Defenders Podcast we speak with Alec Fenton, VP of Security Operations at Foresite Cybersecurity, about his journey from SOC analyst to security leader.

Alec Fenton is a seasoned Cyber Security professional with over 15 years of extensive experience across many IT domains. With a career spanning more than a decade, Alec has honed his expertise in addressing a broad spectrum of cybersecurity challenges, leveraging his analytical prowess and hands-on approach to leadership.

Throughout his career, Alec has navigated the intricate landscape of IT security, working across various sectors including managed service providers and private companies. His tenure as an analyst in the cybersecurity space has not only equipped him with a deep understanding of emerging threats and vulnerabilities but has also shaped his leadership philosophy of "lead from the front."

Alec's commitment to excellence and his unwavering dedication to staying ahead of the curve in the ever-evolving field of cybersecurity have earned him recognition as a trusted advisor and thought leader in the industry. When he's not immersed in the world of IT security, Alec enjoys spending time outdoors and helping coach his son's baseball/basketball teams.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. For more information about Cybersecurity Cares, visit cybersecurity-cares.com. The Tomiris cyber-espionage group, which has been under Kaspersky's watch since 2021, has evolved its tactics in a new wave of attacks observed in early 2025. Article #2. CISA has recently added CVE-2021-26829 to its known exploited vulnerabilities, or KEV catalog, marking it as a confirmed threat based on real world exploitation. Researchers at KOI Security have identified a malicious NPM package, which not only performs typical credential stealing behavior, but also includes a new, subtle tactic attempting to manipulate AI-driven security scanners via embedded prompt engineering. Article #2. Iranian state sponsored threat group MuddyWater has launched a new wave of cyber espionage attacks targeting Israeli organizations across sectors including academia, civil infrastructure, engineering, technology and utilities. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. For more information about Cyber Security Cares, visit cybersecurity-cares.com. AI is now fulfilling a long-standing hope of security teams: it's taking over repetitive, low-skill tasks like log reviews, alert triage, and basic investigations. Anthropic has disclosed what it believes is the first documented case of a largely autonomous AI-orchestrated cyber espionage campaign. The new "JackFix" variant of the ClickFix attack is gaining traction, and unlike its predecessors, it combines both social engineering and technical evasion tactics to bypass existing defenses more effectively. Researchers at Morphisec have uncovered a new six-month-long campaign weaponizing .blend files - native to Blender, the open-source 3D modeling software - to deliver a variant of the StealC information stealer. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
On this episode of The Cybersecurity Defenders Podcast we speak with Erik Bloch, VP of Security at Illumio, about better tools to combat burnout rate and discuss the reality of AI in security.

Erik Bloch has 30+ years of information and cyber security experience, both as an IC and as a leader of teams. “People first” has always been his approach. He has led entire security and IT functions at smaller companies, and been the CISOs leading big teams at larger orgs. Erik also spent time on the product side, trying to make better tooling for people like him. With a mix of security, IT and product under his belt, Erik is at a place where connections, making meaningful change and driving impact in people's lives mean a lot to him. The smartest person he knows once said "Problems are really opportunities in disguise", and that's something Erik always tries to see.

Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Tech leaders are often led to believe that they have “full-stack observability.” The MELT framework—metrics, events, logs, and traces—became the industry standard for visibility. However, Robert Cowart, CEO and Co-Founder of ElastiFlow, believes that this MELT framework leaves a critical gap. In the latest episode of the Tech Transformed podcast, host Dana Gardner, President and Principal Analyst at Interabor Solutions, sits down with Cowart to discuss network observability and its vitality in achieving full-stack observability.The speakers discuss the limitations of legacy observability tools that focus on MELT and how this leaves a significant and dangerous blind spot. Cowart emphasises the need for teams to integrate network data enriched with application context to enhance troubleshooting and security measures. What's Beyond MELT?Cowart explains that when it comes to the MELT framework, meaning “metrics, events, logs, and traces, think about the things that are being monitored or observed with that information. This is alluded to servers and applications.“Organisations need to understand their compute infrastructure and the applications they are running on. All of those servers are connected to networks, and those applications communicate over the networks, and users consume those services again over the network,” he added.“What we see among our growing customer base is that there's a real gap in the full-stack story that has been told in the market for the last 10 years, and that is the network.”The lack of insights results in a constant blind spot that delays problem-solving, hides user-experience issues, and leaves organizations vulnerable to security threats. Cowart notes that while performance monitoring tools can identify when an application call to a database is slow, they often don't explain why.“Was the database slow, or was the network path between them rerouted and causing delays?” he questions. 
“If you don't see the network, you can't find the root cause.” The outcome is longer troubleshooting cycles, isolated operations teams, and an expensive “blame game” among DevOps, NetOps, and SecOps. ElastiFlow approaches it differently. They focus observability on network connectivity—understanding who is communicating with whom and how that communication behaves. This data not only speeds up performance insights but also acts as a “motion detector” within the organization. Monitoring east-west, north-south, and cloud VPC flow logs helps organizations spot unusual patterns that indicate internal threats or compromised systems used for launching external attacks. “Security teams are often good at defending the perimeter,” Cowart says. “But once something gets inside, visibility fades. Connectivity data fills that gap.” Isolated Monitoring to Unified Experience: Cowart believes that observability can't just be about green lights...
On this episode of The Cybersecurity Defenders Podcast we speak with Michael Baker, VP, Global Chief Information Security Officer at DXC Technology, about his optimistic outlook on the impact of AI in cybersecurity. Michael Baker is an accomplished cyber security executive with more than 24 years of experience in the field. He is passionate about building high-performing teams and transforming the way cyber risk is managed within businesses. Currently, Michael serves as the Global Chief Information Security Officer (CISO) for DXC Technology. In this capacity, he is responsible for protecting the brand and reputation of DXC Technology, a $14 billion global technology enterprise with 130,000 employees located across 80+ territories. Before joining DXC Technology, he held various leadership positions, including CISO, within the US government contracting and aerospace and defense industries, along with a long career serving clients as a cyber security and risk management consultant. Michael is known for his strategic vision, global program management, and ability to drive operational excellence across end-to-end cyber services that provide measurable business value. Visit dxc.com for more info. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. Google's Threat Intelligence Group has observed a significant shift in 2025: threat actors are no longer just using AI to speed up operations, they are now integrating LLMs directly into the malware. Unit 42 has identified a previously undocumented Android spyware family, named LandFall, discovered during an investigation into iOS exploit chains involving malicious DNG images. Microsoft's November Patch Tuesday rollout includes fixes for over 60 vulnerabilities, one of which is a zero-day privilege escalation flaw in the Windows kernel that has already been exploited in the wild. Former executive at L3Harris Trenchant, Peter Williams, has pleaded guilty in U.S. federal court to selling 8 trade secrets valued at over 1.3 million to a Russian-based software broker involved in the zero-day exploit market. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
In this episode of Defender Fridays, we talk to Alec Fenton, VP Security Operations at Foresite Cybersecurity, about practical career advice for defenders, SOC metrics that actually matter and AI in security operations. Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals. Alec is a seasoned Cyber Security professional with over 15 years of extensive experience across many IT domains. With a career spanning more than a decade, Alec has honed his expertise in addressing a broad spectrum of cybersecurity challenges, leveraging his analytical prowess and hands-on approach to leadership. Throughout his career, Alec has navigated the intricate landscape of IT security, working across various sectors including managed service providers and private companies. His tenure as an analyst in the cybersecurity space has not only equipped him with a deep understanding of emerging threats and vulnerabilities but has also shaped his leadership philosophy of "lead from the front." Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
What does it really take to build an AI-ready network in 2025? In this episode of Tech Talks Daily, I speak with Vikas Butaney from Cisco and Ali Tehrani from Presidio to unpack the biggest announcements from Cisco's Partner Summit and discuss how their collaboration is helping enterprises modernise networks for the AI era. Together, we explore how businesses can move faster, strengthen security, and simplify operations while adapting to a world of continuous data flow and intelligent automation. Vikas shares how Cisco's strategy is built around three customer imperatives: AI-ready data centers, future-proof workplaces, and digital resilience. He talks about how Cisco is weaving these priorities into new innovations such as secure routers with five times the throughput, Wi-Fi 7 access points, and unified dashboards that bring Catalyst Center and Meraki together for a single view of the network. He also introduces AI Canvas, a multiplayer workspace that allows NetOps and SecOps teams to collaborate in real time, showing what it looks like when AI becomes part of the operational fabric rather than an add-on. Ali joins the conversation with the partner's perspective, explaining how Presidio brings Cisco's architecture to life through the last mile of execution. He describes how the Cisco Unified Branch initiative uses AI workflows and branches as code to deliver zero-touch rollout across thousands of sites. By combining automation, golden configuration templates, and telemetry-driven SLAs, Presidio helps customers reduce deployment times from weeks to minutes while maintaining consistent performance and security. Throughout our discussion, we compare AI for networking, where AI helps to run and optimise the network, with networking for AI, which provides the infrastructure to power high-volume AI workloads. We talk about how Cisco is building security directly into the network with Access Manager, simplifying IoT segmentation, and preparing for a post-quantum world.
If you want to learn more about Cisco's announcements and vision for the AI era, check out these resources: Press Release: "Cisco Supercharges its Secure Enterprise Network Architecture for the AI Era"; Blog: "Unlocking the AI Era: How Cisco is Delivering on its Vision for a Secure, Simplified, and Scalable Network"; Blog: "From Fragmented to Future-ready with Unified Branch: Powering IT in the AI Era". This episode offers a clear, inside look at how Cisco and Presidio are shaping the next generation of secure, intelligent networks. So, how ready is your organisation for this new era of AI-driven connectivity? Tech Talks Daily is sponsored by NordLayer: Get the exclusive Black Friday offer: 28% off NordLayer yearly plans with the coupon code: techdaily-28. Valid until December 10th, 2025. Try it risk-free with a 14-day money-back guarantee.
On this episode of The Cybersecurity Defenders Podcast we speak with Navroop Mitter, CEO of ArmorText, about the role of Out-of-Band (OOB) communication in cyber incident response. ArmorText Named a Leader in The Forrester Wave™: Secure Communications Solutions, Q3 2024. Cyber Resilience: Incident Response Tabletop Exercises. Navroop Mitter is the CEO of ArmorText, a mobile security and privacy company based in the Washington, D.C. area. Before founding ArmorText, Navroop was a Senior Manager in Accenture's North American Security Practice, where he built and led information security programs across multiple regions. He helped double Accenture's Scandinavian security practice within a year and established the firm's first near-shore security delivery center in Argentina, hiring and training over 30 practitioners in under 30 days. Navroop has led large-scale international security engagements, working across cultures and time zones to strengthen teams in the U.S., India, and abroad. Recognized for his entrepreneurial mindset and expertise in identity and access management, he became one of Accenture's most sought-after leaders for complex, multi-country security initiatives. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
In this episode of Resilient Cyber, I sit down with Kamal Shah, Cofounder and CEO at Prophet Security, to discuss the State of AI in SecOps. There continues to be a tremendous amount of excitement and investment in the industry around AI and cybersecurity, with Security Operations (SecOps) arguably seeing the most investment among the various cybersecurity categories. Kamal and I will walk through the actual state of AI in SecOps, how AI is impacting the future of the SOC, what hype vs. reality is, and much more.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. A newly observed threat campaign is exploiting Amazon Web Services' Simple Email Service using stolen credentials and open source tools to perform cloud reconnaissance and eventually launch Business Email Compromise scams. A critical vulnerability has been disclosed in the React Native Community CLI NPM package, a toolset widely used for building React Native applications. Microsoft's Detection and Response Team (DART) has discovered a novel backdoor, SesameOp, that uses the OpenAI Assistants API as a command-and-control (C2) channel, highlighting a new way attackers are misusing generative AI platforms. Researchers from Cyble and Seqrite Labs have disclosed a sophisticated malware campaign, dubbed Operation SkyCloak, targeting defense-related organizations in Russia and Belarus through weaponized attachments delivered via phishing emails. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
In this episode of Defender Fridays, LimaCharlie Founder Maxime Lamothe-Brassard talks to Julie Agnes Sparks, Security Engineer at Datadog, about how to maximize logging visibility for effective detection engineering. Julie has a passion for continuous learning, proactively detecting significant security events, and responding effectively. Interests include: diversity & inclusion, privacy, and making technology more accessible. Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
In this episode of IT Insiders, Maddie Regis speaks with Ryan Braunstein and Mat Lee from Automox's security team about the evolution of automation in security operations. They discuss their career backgrounds, the day-to-day use of Automox for security tasks, and the innovative strategies they employ to enhance automation. The conversation also covers various tools used for advanced automation and concludes with a fun game related to video games and security. This episode originally aired September 19, 2024.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. The UK Information Commissioner's Office (ICO) recently released a comprehensive 136-page report detailing the BlackBasta ransomware attack on Capita in March 2023. Kaspersky researchers have detailed two active campaigns from North Korean APT group BlueNoroff, which continue the group's long-running SnatchCrypto operation targeting individuals in financial and tech sectors. The exploitation of the first Chrome zero-day of 2025 has been attributed to a state-sponsored threat actor involved in Operation ForumTroll, a cyber-espionage campaign targeting Russian entities across sectors like education, finance, media, and government. Netscout has identified a newly emerging Internet of Things (IoT) botnet, Aisuru, which has already launched distributed denial-of-service (DDoS) attacks exceeding 20 Tbps, placing it among the most powerful botnets observed to date. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Dr. Anton Chuvakin, Security Advisor at Office of the CISO, Google Cloud and a recognized expert in SIEM, log management, and PCI DSS compliance, will help us cut through the buzzwords and discuss modern security operations. Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals. Dr. Chuvakin is now involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019. He is also a co-host of Cloud Security Podcast. Until June 2019, Dr. Anton Chuvakin was a Research VP and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies (SRMS) team. At Gartner he covered a broad range of security operations and detection and response topics, and is credited with inventing the term "EDR." He is a recognized security expert in the field of SIEM, log management and PCI DSS compliance. He is an author of the books "Security Warrior", "PCI Compliance", "Logging and Log Management" and a contributor to "Know Your Enemy II", "Information Security Management Handbook" and others. Anton has published dozens of papers on log management, SIEM, correlation, security data analysis, PCI DSS, honeypots, etc. His blog securitywarrior.org was one of the most popular in the industry. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
On this episode of The Cybersecurity Defenders Podcast we speak with Hannah Lloyd, Co-Founder and CRO of enhanced.io, about how MSPs can launch, sell and scale security offerings. With 10+ years of channel sales experience, Hannah leads global new business generation and account management to deliver innovative cybersecurity solutions to enhanced.io's MSP partners. As a GTIA EC member (2018) and Chair (2021), Hannah is actively involved in the MSP channel community. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
George Werbacher, Head of Security Operations at Live Oak Bank, reviews the practical realities of implementing AI agents in security operations, sharing his journey from exploring tools like Cursor and Claude Code to building custom agents in-house. He also reflects on the challenges of moving from local development to production-ready systems with proper durability and retry logic. The conversation explores how AI is changing the security analyst role from alert analysis to deeper investigation work, why SOAR platforms face significant disruption, and how MCP servers enable natural language interactions across security tools. George offers pragmatic advice on cutting through AI hype, emphasizing that agents augment rather than replace human expertise while dramatically lowering barriers to automation and query language mastery. Through technical insights and leadership perspective, George illuminates how security teams can embrace AI to improve operational efficiency and mean time to detect without inflating budgets, while maintaining the critical human judgment that effective security demands. Topics discussed: Understanding AI's role in augmenting security analysts rather than replacing them, shifting roles toward investigation and threat hunting. Building custom AI agents using Python and exploring frameworks like LangChain to solve specific SecOps use cases. Managing moving agents from local development to production, including retry logic, failbacks, and durability requirements. Implementing MCP servers to enable natural language interactions with security tools, eliminating the need to learn multiple query languages. Navigating AI hype by focusing on solving specific problems and understanding what agents can realistically accomplish. Predicting SOAR platform disruption as agents take over enrichment, orchestration, and response with simpler automation approaches. 
Removing platform barriers by enabling analysts to use natural language rather than mastering specific tools or query languages. Exploring context management, prompt engineering, and conversation history techniques essential for building effective agentic systems. Adopting tools like Cursor and Claude Code to empower technical security professionals without deep coding backgrounds.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. A breach at the Kansas City National Security Campus (KCNSC), a facility responsible for manufacturing roughly 80% of the non-nuclear components for U.S. nuclear weapons, was enabled by two critical Microsoft SharePoint vulnerabilities. COLDRIVER, a Russian state-sponsored group also tracked as UNC4057, Callisto, or Star Blizzard, has shifted rapidly toward new malware development following the public exposure of its previous malware, LOSTKEYS, in May 2025. CISA has officially added three newly exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, urging swift remediation efforts across federal environments. Amazon Web Services (AWS) experienced a major outage on October 20th that impacted thousands of applications globally, disrupting operations for companies and end-users alike. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Ken, Senior Solutions Engineer at LimaCharlie, dives into the incredibly confusing licensing tiers, pricing models and feature sets for Microsoft Defender for Endpoint. Today we discuss: the difference between tiers; ways to solve Defender visibility issues and increase operational transparency; and how its capabilities can be customized and expanded for better flexibility and scalability for service providers. Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals. A big picture thinker, Ken ferrets out trends, seeking to understand what happens when businesses are breached and the methods behind the attacks. Then he figures out how to protect customers before they're hit. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Zane demonstrates deploying honeyfiles via Velociraptor and discusses deception techniques for early detection of compromise. Learn how decoy files can serve as tripwires for infostealers and adversaries in your environment. Watch on YouTube for better visuals. Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. CrowdStrike is tracking a mass exploitation campaign leveraging a previously unknown vulnerability in Oracle E-Business Suite (EBS). A threat group, tracked as Storm-2603, has been observed using the open source Velociraptor DFIR tool as part of its post-exploitation toolkit in recent ransomware attacks. North Korean IT workers, operating under state direction, continue to infiltrate international tech companies using false identities and anonymizing infrastructure to secure jobs and route payments in cryptocurrency. Researchers from Anthropic, the UK AI Security Institute, and Alan Turing Institute have released the largest study to date on poisoning attacks during pre-training on large language models (LLMs). Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. A newly disclosed vulnerability in Redis, dubbed RediShell and tracked as CVE-2025-49844, affects all Redis versions and carries a maximum CVSS score of 10.0. Cisco has disclosed a critical zero-day vulnerability—CVE-2025-20352—affecting its widely deployed IOS and IOS XE software, confirming active exploitation in the wild. Researchers at NCC Group have found that voice cloning technology has reached a level where just five minutes of recorded audio is enough to generate convincing voice clones in real time. A China-linked cyber-espionage group, tracked as UNC5221, has been systematically targeting network infrastructure appliances that lack standard endpoint detection and response (EDR) support. Dutch authorities have arrested two 17-year-old boys suspected of being recruited by pro-Russian hackers to carry out surveillance activities. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Matt, Chief Strategy Officer at Cerby, discusses how autonomous AI agents create a demand for a fresh approach to identity security and shares practical insights on navigating these new challenges. Join the Defender Fridays community, live every Friday, to discuss the dynamic world of information security in a collaborative space with seasoned professionals. Matt has spent 20+ years at the intersection of cybersecurity, strategy, and company building. His career began in the trenches as a practitioner and architect, grew into CISO and CSO roles, and today he helps scale Cerby as Chief Strategy Officer. At Cerby, Matt has been part of the journey from pre-launch through significant enterprise adoption, serving first as Founding Advisor, then Chief Trust Officer, COO, and now CSO. Each role reflected a different stage of building the company: establishing trust and market credibility, creating the operations foundation, and shaping long-term strategy and growth. Before Cerby, as part of the early RedLock team, Matt helped scale Prisma Cloud (formerly RedLock) from $4M to $500M+ ARR after Palo Alto Networks' $235M acquisition. That experience taught him how to scale security businesses from the ground up while staying connected to practitioner needs. Matt believes the best security leaders shouldn't have to choose between protecting and growing the business; his work is helping organizations achieve both. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
On this episode of The Cybersecurity Defenders Podcast we speak with Sarah Powazek about the Roadmap to Community Cyber Defense. Diving into the report, Sarah emphasizes the need for low-resource organizations and cyber experts to come together in a co-responsibility model for cyber defense. Learn more about the UC Berkeley Center for Long-Term Cybersecurity (CLTC). Get help or join the Cyber Resilience Corps here. Read the roadmap. Sarah leads flagship research on defending low-resource organizations like nonprofits, municipalities, and schools from cyber attacks. She serves as Co-Chair of the Cyber Resilience Corps and is also Senior Advisor for the Consortium of Cybersecurity Clinics, advocating for the expansion of clinical cyber education around the world. Sarah hosts the Cyber Civil Defense Summit, an annual mission-based gathering of cyber defenders to protect the nation's most vulnerable public infrastructure. Sarah previously worked at CrowdStrike Strategic Advisory Services, and as the Program Manager of the Ransomware Task Force. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. A recent investigation by the U.S. Secret Service claims to have uncovered a massive swatting infrastructure centered around New York City. Check Point researchers are tracking an Iran-linked cyber-espionage group known as Nimbus Manticore, which appears to be expanding its operations into Western Europe. A new wave of malicious advertising is targeting macOS users by impersonating widely used software and services through search engine ads. A new tool called SpamGPT is drawing attention in the cybersecurity community for effectively lowering the barrier to entry for large-scale spam and phishing campaigns. In light of increasing attacks on open source ecosystems, GitHub has disclosed recent security incidents affecting the npm registry, including the Shai-Hulud worm. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Stephen Gubenia, Head of Detection Engineering for Threat Response for Cisco Meraki, shares his evolution from managing overwhelming alert volumes as a one-person security team to architecting sophisticated automated systems that handle everything from enrichment to containment. Stephen discusses the organizational changes needed for successful AI adoption, including top-down buy-in and proper training programs that help team members understand AI as a productivity multiplier rather than a job threat. The conversation also explores Stephen's practical "crawl, walk, run" methodology for responsibly implementing AI agents, the critical importance of maintaining human oversight through auditable workflows, and how security teams can transition from reactive alert management to strategic agent supervision.
Topics discussed:
• Evolution from manual security operations to AI-powered agentic workflows that eliminate repetitive tasks and enable strategic focus.
• Implementation of the "crawl, walk, run" methodology for gradually introducing AI agents with proper human oversight and validation.
• Building enrichment agents that automatically gather threat intelligence and OSINT data instead of manual investigations.
• Development of reasoning models that can dynamically triage alerts, run additional queries, and recommend investigation steps.
• Automated containment workflows that can perform endpoint isolation and other response actions while maintaining appropriate guardrails.
• Essential foundations including proper logging pipelines, alerting systems, and detection logic required before implementing AI automation.
• Human-in-the-loop strategies that transition from per-alert review to periodic auditing and agent management oversight.
• Organizational change management including top-down buy-in, training programs, and addressing fears about AI replacing jobs.
• Future of detection engineering with AI-assisted rule development, gap analysis, and customized detection libraries.
• Learning recommendations for cybersecurity professionals to develop AI literacy through reputable sources and consistent daily practice.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
• ESET Research has uncovered what it believes to be the first documented case of AI-powered ransomware, dubbed PromptLock.
• Multiple CrowdStrike-branded npm packages were recently discovered to be compromised, marking a new wave in the ongoing “Shai-Hulud” supply chain attack campaign.
• Researchers at AI security firm EdisonWatch have uncovered a new vulnerability in the ChatGPT calendar integration, revealing how it can be exploited to execute attacker-controlled commands.
• The most mature and globally distributed FileFix campaign observed to date is now active in the wild, according to researchers at Acronis.
On this episode of the Cybersecurity Defenders Podcast we speak with Robert Boles, Founder / CEO of BLOKWORX. A veteran of the U.S. Marine Corps, Rob founded BLOKWORX in 2006 to further his passion for creating fast, secure networks. Since 1999 Rob was a core technical contributor and presenter on an Advanced IP Team, delivering bleeding edge WAN and Managed Security services to Small, Mid-level and Fortune 500 businesses around the world. The experience led him back to the same conclusion, regardless of size and resources, every company struggled with the same uncertainty – multiple vendors with infinite solutions, and no real clarity how to make it all “work.” Rob focused BLOKWORX on security, reliability, and positive user experience. He has built a team that leverages their expertise with extensive research and testing, alignment with vendors, partners, and clients, and the experience of 1000's of nodes managed and monitored, all supported by a mature delivery model built on years of operational experience. Rob is an avid outdoorsman and his favorite place to be is in a raft or a kayak with his son Jack. Learn more at blokworx.com.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
• A high-profile phishing incident has resulted in the compromise of several widely-used JavaScript packages on npm, after a developer known as "Qix" inadvertently clicked a malicious link from a fake support email.
• Multiple undersea cable cuts in the Red Sea have led to degraded internet connectivity across the Middle East and South Asia, affecting key infrastructure and cloud services.
• North Korean-aligned threat actors operating under the Contagious Interview campaign have been systematically abusing cyber threat intelligence (CTI) platforms to monitor exposure of their own infrastructure and scout for new assets.
• Researchers from Ontinue have detailed a sophisticated phishing campaign leveraging the Salty2FA phishing kit - a framework that reflects how cybercriminal tooling is increasingly mimicking enterprise-grade software in terms of design, capability, and operational maturity.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
• The Salt Typhoon cyber campaign, attributed to Chinese state-backed hackers, has been declared a national defense crisis by the FBI and allied intelligence agencies.
• A group identifying itself as “Scattered LapSus Hunters” has posted a threat on Telegram demanding that Google terminate two of its employees.
• A newly discovered WhatsApp vulnerability, now tracked as CVE-2025-55177, has triggered urgent security advisories, particularly for iPhone users.
• More than 1,000 developers were compromised in just over four hours on August 26 during an unprecedented, AI-assisted software supply chain attack targeting the npm ecosystem.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
• CISA has added CVE-2025-54948, a critical vulnerability in Trend Micro Apex One, to its Known Exploited Vulnerabilities (KEV) catalog, signaling that the flaw has been actively exploited in the wild.
• PyPI has introduced new security measures to detect and respond to expired domains tied to user accounts, aiming to shut down a known supply chain attack vector: domain resurrection.
• A recently discovered post-exploitation tool named RingReaper is gaining attention for its sophisticated evasion strategy: abusing the Linux kernel's io_uring interface to operate undetected by standard endpoint detection and response (EDR) systems.
• A cyberattack on the Netherlands' Openbaar Ministerie (OM), the Public Prosecution Service, has unexpectedly disrupted speed enforcement across the country.
The conversation around cloud security is maturing beyond simple threat detection. As the industry grapples with alert fatigue, we explore the necessary shift from a reactive to a proactive security posture, questioning if a traditional SecOps model is sufficient for modern cloud environments.
We spoke with Gil Geron, CEO of Orca Security, to examine the limitations of a SecOps-centric defense. SecOps teams are inherently reactive; they cannot be the sole guardians of cloud infrastructure. Instead, the conversation centers on a new blueprint: viewing cloud security as an end-to-end workflow that integrates development, deployment, and production runtime with a continuous feedback loop into policy.
The role of AI is also explored, not just as a threat, but as an opportunity to empower security teams and make knowledge more accessible. We spoke about the power of context in reducing alert volume, citing a case where millions of vulnerabilities were prioritized down to a handful of actionable fixes.
Guest Socials - Gil's LinkedIn
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes, check out our other Cloud Security Social Channels: Cloud Security Podcast - YouTube, Cloud Security Newsletter, Cloud Security BootCamp.
If you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity Podcast.
Questions asked:
(00:00) Introduction
(02:12) Who is Gil Geron? From Check Point to CEO of Orca Security
(02:54) What is Cloud Security in 2025? The Evolution to a Modern Workflow
(05:50) How AI is Impacting the Cloud Security Landscape: A Salvation, Not a Risk
(08:40) The Limits of a Reactive Approach: Why SecOps Can't Be Your Only Defense
(12:15) The Surprising Truth: 95% of Cloud Malware is Introduced, Not Hacked
(13:40) The Role of Identity in Cloud Security: The New Networking
(18:00) The Current Cloud Security Landscape: From "Thumb Mistakes" to Neglected Assets
(22:20) How CISOs are Modernizing Security by Modernizing Engineering Workflows
(23:50) Reducing SOC Fatigue: How Context Turns Millions of Alerts into a Handful of Fixes
(26:20) Is Auto-Remediation Safe? Why It's an Orchestration Challenge, Not a Technical One
(35:20) Shifting Left with Production Context: The Future of AppSec & Cloud Sec
(38:00) How to Choose a Security Vendor: Finding Hope, Not Fear
(42:01) Final Questions: Hiking, Team Pride, and French Fries
Thank you to our episode sponsor - Orca Security
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
• Attackers are actively exploiting CVE-2023-46604, a remote code execution vulnerability in Apache ActiveMQ first disclosed in October 2023, to compromise cloud-hosted Linux servers.
• AshES Cybersecurity has publicly disclosed a critical zero-day vulnerability in Elastic's Endpoint Detection and Response (EDR) platform, specifically in the Microsoft-signed kernel driver elastic-endpoint-driver.sys.
• At least a dozen ransomware groups are now deploying kernel-level EDR killers - tools designed specifically to disable endpoint detection and response solutions - as part of their malware arsenal.
• Microsoft has released an in-depth technical analysis of PipeMagic, a modular backdoor linked to ransomware operations carried out by Storm-2460, a financially motivated threat group associated with RansomEXX.
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
• Recent reporting from DataBreaches has added yet another twist to the attribution puzzle between Scattered Spider and ShinyHunters. https://databreaches.net/2025/08/03/are-scattered-spider-and-shinyhunters-one-group-or-two-and-who-did-france-arrest/
• A recent disclosure on the oss-security mailing list detailed a set of 11 vulnerabilities in the Linux kernel's eBPF subsystem, originally reported by security researcher “Van1sh” to both the kernel security team and the linux-distros list on July 19. https://www.openwall.com/lists/oss-security/2025/08/03/1
• The Microsoft Active Protections Program, or MAPP, is designed to shorten the time between vulnerability discovery and patch deployment by giving trusted security vendors early access to vulnerability details. https://nattothoughts.substack.com/p/when-privileged-access-falls-into
• US law enforcement, in coordination with multiple international partners, has taken action against the BlackSuit ransomware group, also known as Royal, resulting in the seizure of four servers, nine domains, and approximately $1 million in cryptocurrency. https://www.darkreading.com/vulnerabilities-threats/blacksuit-ransomware-infrastructure-law-enforcement
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
• At Black Hat USA in Las Vegas, three security researchers demonstrated how Google's Gemini AI could be hijacked to take control of smart home devices using a novel form of indirect prompt injection.
• Two separate security teams - NeuralTrust and SPLX - have conducted red teaming evaluations of the newly released GPT-5, and both report serious deficiencies in the model's security posture.
• In another Black Hat story, security researchers Milenko Starcik and Andrzej Olchawa from VisionSpace Technologies presented a compelling case that hacking satellites is not only more cost-effective than deploying anti-satellite missiles, but alarmingly easy due to widespread software vulnerabilities.
• In our final Black Hat story, Cisco Talos researchers disclosed five critical vulnerabilities in Broadcom's BCM5820X series chips, used in Dell's ControlVault3 secure enclave hardware.
• CISA and FEMA have jointly announced over $100 million in cybersecurity grant funding for the 2025 fiscal year, targeting state, local, and tribal governments.