Podcasts about secops

  • 168PODCASTS
  • 573EPISODES
  • 40mAVG DURATION
  • 5WEEKLY NEW EPISODES
  • Jun 20, 2026LATEST

POPULARITY

20192020202120222023202420252026


Best podcasts about secops

Show all podcasts related to secops

Latest podcast episodes about secops

The Cybersecurity Defenders Podcast
Last call for Defenders - How we're actually using AI in the SOC with Eric Capuano / Defender Fridays [#332]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Jun 20, 2026 37:05


Join us for the final episode of Defender Fridays as Eric Capuano, creator of Defender Fridays and co-founder of Digital Defense Institute, closes out the series with a candid conversation on how he's actually building and running agentic workflows in the SOC today.At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.What We'll DiscussIn this episode, Eric Capuano draws on years of SOC operations, detection engineering, and hands-on agentic workflow development to share what's actually working, what isn't, and where the industry needs to be more honest with itself.Key Topics:Why agentic workflows are the next evolution of SOAR, and what it takes to build them reliablyHow deterministic checkpoints at every stage are essential to making LLM-driven workflows trustworthyHow one team increased their detection engineering output by 900x using agentic workflows running day and nightWhy false positive tuning and detection engineering are the right place to start before tackling complex investigative workflowsHow to think about model selection in agentic pipelines: cost, task complexity, and stakesWhy organizations with poor data hygiene will struggle to get value from AI regardless of how sophisticated the tooling isThe risks of prompt injection when feeding untrusted inputs into LLMs, and why trusted inputs should always come firstWhy the goal is to use LLMs for as little as possible, and push everything else into deterministic stepsAbout Our GuestEric Capuano is the creator of Defender Fridays and co-founder of Digital Defense Institute. He has spent years doing SOC operations, detection engineering, threat hunting, and DFIR, and currently consults on building and deploying agentic SecOps workflows for security teams. He is also the author of the "So You Want to Be a SOC Analyst" training, which has put over 500 students through hands-on SOC workflows using LimaCharlie's free tier.Watch Us LiveDefender Fridays ran every Friday at 10:30am PT for over 100 sessions. Subscribe to our YouTube channel to catch up on past episodes.Sponsored by LimaCharlieThis episode is brought to you by LimaCharlie, the Agentic SecOps Workspace (ASW), where AI agents operate security infrastructure using the same controls and authority as human analysts, with every action visible, governed, and auditable.Why LimaCharlie?Eliminate vendor sprawl and tool complexityDeploy and scale effortlessly on native multi-tenant architectureReduce costs with intelligent data routing and free 1-year retentionBuild custom solutions with 100+ security capabilities on-demandAccelerate response with agentic AI that acts directly within predefined workflowsTry the Agentic SecOps Workspace free: https://limacharlie.ioLearn more: https://docs.limacharlie.ioFollow LimaCharlieSign up for free: https://limacharlie.ioLinkedIn: / limacharlieioX: https://x.com/limacharlieioCommunity Discourse: https://community.limacharlie.com/Host: Maxime Lamothe-Brassard - Founder at LimaCharlieGuest: Eric Capuano - Co-founder of Digital Defense Institute

This Week in XR Podcast
The Year AI Became Militarized: Shelly Palmer on Government, Defense, and $3 Trillion Stacked

This Week in XR Podcast

Play Episode Listen Later Jun 19, 2026 63:12


Shelly Palmer has spent 45 years watching technology reshape every industry—from writing news themes for CBS to consulting with every major media company on AI strategy.On this year-end recap, he cuts through the noise with one devastating observation: 2025 was the year everyone talked about AI while almost nobody actually used it. Executives shook their heads knowingly in meetings, pontificated about capabilities the models don't yet have, and parroted nonsense they read from other people who knew nothing. But when you asked one innocent question, they crumbled.In the News: CES 2026 shapes up with Nvidia sponsoring two full days of AI training. Samsung is skipping the main floor for a massive offsite activation. Sony brings no electronics—only Honda's experimental vehicles. The TCL and Chinese companies' presence hinges on tariff policy. The innovation series breakfast that Shelly runs is becoming an official CES event after a decade of independence.The conversation spirals into deeper territory: $3 trillion in government money is stacked behind AI development. The U.S. explicitly states it must beat China to AGI—making this the Manhattan Project of our lifetime. Shelly walks through what he's seen in successful companies (leadership using the tech, paid "Tech Tuesdays" for AI experiments, cross-discipline teams with SecOps and legal at the table) versus the chaos of places with no process.He breaks down what's real—drone warfare, cybersecurity applications, robotics—versus what's hot air. And he makes a case that won't be killed by AI itself, but by militarized applications and the geopolitical arms race we're already in.5 Key Takeaways from Shelly:Leadership belief and hands-on use are non-negotiable. Companies winning with AI have senior leaders who actually use the technology. When the CEO walks into an LT meeting saying "I built this agent over the weekend," everyone else starts experimenting too.The recipe for AI success has three ingredients: leadership belief, paid time to experiment (Tech Tuesdays/Thursdays with real budgets), and cross-discipline teams (SecOps, legal, compliance, risk) paving the way. Chaos erupts without this structure.You cannot build a point of view on AI from reading blogs or watching YouTubers. Pick a personal project you care about, go hands-on with a model (Claude, Gemini, GPT), and complete it from beginning to end. Only lived experience grounds your understanding.AI parallelizes with web 1.0: In 1998, you had to hand-code HTML, build databases manually, write raw JavaScript. Today you can vibe code a site in 90 seconds. AI will eventually reach "spin me up an expert that does X" without asking questions—we're not there yet, but it's inevitable.It's both bubble and Manhattan Project. Some valuations are insane and will burst. But military applications, cyber warfare, drone control, robotics—those aren't going anywhere. The government won't back off. Both outcomes happen simultaneously.This episode is brought to you by Zappar, creators of Mattercraft—the leading visual development environment for building immersive 3D web experiences for mobile headsets and desktop.Mattercraft combines game engine power with web flexibility and features an AI assistant to help you design, code, and debug in real time in your browser. Build smarter at mattercraft.io. Hosted on Acast. See acast.com/privacy for more information.

The Cybersecurity Defenders Podcast
FFmpeg's 21 zero-days, Ruby cooldown feature, Microsoft disrupted by Shai-Hulud worm & Meta AI tool compromise / Intel Chat [#331]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Jun 15, 2026 28:31


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.DepthFirst reported that it's autonomous security agent discovered 21 previously unknown vulnerabilities in FFmpeg, a widely deployed multimedia framework used across browsers, streaming infrastructure, and other systems that process media. Bundler, 4.0.13 introduces a new security feature called cooldown, aimed at reducing the impact of software supply chain attacks in the Ruby ecosystem. A new variant of the Shai-Hulud supply chain worm, known as Miasma, briefly disrupted Microsoft's software development ecosystem after compromising dozens of GitHub repositories.Meta says approximately 20,000 Instagram accounts may have been compromised through the abuse of an AI powered account recovery support system.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Paul's Security Weekly
The State of AI in SecOps, the Unintended Consequences of Vulnmaxxing, and the News - Filip Stojkovski - ESW #462

Paul's Security Weekly

Play Episode Listen Later Jun 8, 2026 97:51


Interview with Filip Stojkovski on the State of AI in SecOps Filip joins us to talk through the 2+ year rollercoaster that Security Operations tooling has been on since AI entered the chat. We discuss the AI SecOps market, which Filip closely tracks through his SecOps Unpacked project. We also discuss how most of the market has traditionally been focused on the "middle" of the process, which is effectively alert management. Where the conversation really gets interesting is shifting left to discuss building better quality detections. Segment Resources: Be sure to check out SecOps Unpacked - it has more than just vendor information: there are articles, frameworks, podcast episodes, research, and articles/thought leadership Topic: The Unintended Consequences of Vulnmaxxing We discuss my latest blog post where I share a theory that perhaps Project Glasswing is a clever exclusive freemium tier, where Anthropic is hoping to ensnare the world's largest producers of software into using its most expensive model to fix their code for the foreseeable future, creating a much needed new revenue stream for the AI giant with a Trillion dollar valuation. There are some potential unintended consequences that come along with an expensive vulnerability discovery/remediation process that threatens to raise the security poverty line and leave less wealthy companies behind. The Weekly Enterprise News Finally, in the enterprise security news, If you were starting a cybersecurity company today, which category would you pick? layoffs funding the White House AI executive order OpenAI's frontier governance framework Anthropic's Zero Trust for AI agents guide IBM's vulnmaxxing efforts RICO as a service for job seekers Instagram had possibly the most embarrassing hack ever All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-462

Enterprise Security Weekly (Audio)
The State of AI in SecOps, the Unintended Consequences of Vulnmaxxing, and the News - Filip Stojkovski - ESW #462

Enterprise Security Weekly (Audio)

Play Episode Listen Later Jun 8, 2026 97:51


Interview with Filip Stojkovski on the State of AI in SecOps Filip joins us to talk through the 2+ year rollercoaster that Security Operations tooling has been on since AI entered the chat. We discuss the AI SecOps market, which Filip closely tracks through his SecOps Unpacked project. We also discuss how most of the market has traditionally been focused on the "middle" of the process, which is effectively alert management. Where the conversation really gets interesting is shifting left to discuss building better quality detections. Segment Resources: Be sure to check out SecOps Unpacked - it has more than just vendor information: there are articles, frameworks, podcast episodes, research, and articles/thought leadership Topic: The Unintended Consequences of Vulnmaxxing We discuss my latest blog post where I share a theory that perhaps Project Glasswing is a clever exclusive freemium tier, where Anthropic is hoping to ensnare the world's largest producers of software into using its most expensive model to fix their code for the foreseeable future, creating a much needed new revenue stream for the AI giant with a Trillion dollar valuation. There are some potential unintended consequences that come along with an expensive vulnerability discovery/remediation process that threatens to raise the security poverty line and leave less wealthy companies behind. The Weekly Enterprise News Finally, in the enterprise security news, If you were starting a cybersecurity company today, which category would you pick? layoffs funding the White House AI executive order OpenAI's frontier governance framework Anthropic's Zero Trust for AI agents guide IBM's vulnmaxxing efforts RICO as a service for job seekers Instagram had possibly the most embarrassing hack ever All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-462

Paul's Security Weekly TV
The State of AI in SecOps, the Unintended Consequences of Vulnmaxxing, and the News - Filip Stojkovski - ESW #462

Paul's Security Weekly TV

Play Episode Listen Later Jun 8, 2026 97:51


Interview with Filip Stojkovski on the State of AI in SecOps Filip joins us to talk through the 2+ year rollercoaster that Security Operations tooling has been on since AI entered the chat. We discuss the AI SecOps market, which Filip closely tracks through his SecOps Unpacked project. We also discuss how most of the market has traditionally been focused on the "middle" of the process, which is effectively alert management. Where the conversation really gets interesting is shifting left to discuss building better quality detections. Segment Resources: Be sure to check out SecOps Unpacked - it has more than just vendor information: there are articles, frameworks, podcast episodes, research, and articles/thought leadership Topic: The Unintended Consequences of Vulnmaxxing We discuss my latest blog post where I share a theory that perhaps Project Glasswing is a clever exclusive freemium tier, where Anthropic is hoping to ensnare the world's largest producers of software into using its most expensive model to fix their code for the foreseeable future, creating a much needed new revenue stream for the AI giant with a Trillion dollar valuation. There are some potential unintended consequences that come along with an expensive vulnerability discovery/remediation process that threatens to raise the security poverty line and leave less wealthy companies behind. The Weekly Enterprise News Finally, in the enterprise security news, If you were starting a cybersecurity company today, which category would you pick? layoffs funding the White House AI executive order OpenAI's frontier governance framework Anthropic's Zero Trust for AI agents guide IBM's vulnmaxxing efforts RICO as a service for job seekers Instagram had possibly the most embarrassing hack ever All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-462

Alliant Specialty Podcasts
Cybersecurity in the AI Era: How Predictive Security Is Reshaping Threat Detection and Prevention

Alliant Specialty Podcasts

Play Episode Listen Later Jun 8, 2026 19:57


Cybersecurity risk management is shifting from reactive threat detection to proactive, AI-driven predictive security strategies that help organizations identify and mitigate threats before incidents occur. Brendan Hall, Alliant Cyber, welcomes Paul Jespersen, founder and CEO of PRE Security, to discuss how predictive cybersecurity and AI-powered SecOps are giving organizations greater visibility into risk while reshaping cyber underwriting and incident prevention. They share practical insights on reducing false positives, strengthening cyber resilience and using real-time security intelligence to support smarter risk management decisions.

Enterprise Security Weekly (Video)
The State of AI in SecOps, the Unintended Consequences of Vulnmaxxing, and the News - Filip Stojkovski - ESW #462

Enterprise Security Weekly (Video)

Play Episode Listen Later Jun 8, 2026 97:51


Interview with Filip Stojkovski on the State of AI in SecOps Filip joins us to talk through the 2+ year rollercoaster that Security Operations tooling has been on since AI entered the chat. We discuss the AI SecOps market, which Filip closely tracks through his SecOps Unpacked project. We also discuss how most of the market has traditionally been focused on the "middle" of the process, which is effectively alert management. Where the conversation really gets interesting is shifting left to discuss building better quality detections. Segment Resources: Be sure to check out SecOps Unpacked - it has more than just vendor information: there are articles, frameworks, podcast episodes, research, and articles/thought leadership Topic: The Unintended Consequences of Vulnmaxxing We discuss my latest blog post where I share a theory that perhaps Project Glasswing is a clever exclusive freemium tier, where Anthropic is hoping to ensnare the world's largest producers of software into using its most expensive model to fix their code for the foreseeable future, creating a much needed new revenue stream for the AI giant with a Trillion dollar valuation. There are some potential unintended consequences that come along with an expensive vulnerability discovery/remediation process that threatens to raise the security poverty line and leave less wealthy companies behind. The Weekly Enterprise News Finally, in the enterprise security news, If you were starting a cybersecurity company today, which category would you pick? layoffs funding the White House AI executive order OpenAI's frontier governance framework Anthropic's Zero Trust for AI agents guide IBM's vulnmaxxing efforts RICO as a service for job seekers Instagram had possibly the most embarrassing hack ever All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-462

The Cybersecurity Defenders Podcast
"Megalodon" Malware in GitHub, Malware-Slop steals from Claude AI, 7-Eleven breach & CISA cPanel vulnerability / Intel Chat [#328]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Jun 1, 2026 29:05


Originally recorded: Friday May 29, 2026In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A large-scale software supply chain attack dubbed “Megalodon” infected thousands of GitHub repositories with credential-stealing malware in a highly automated campaign that unfolded over a six-hour period on May 18, 2026.Researchers from OX Security have identified a malicious npm package named “mouse5212-super-formatter” that was designed to steal files from Anthropic Claude AI environments by targeting the “/mnt/user-data” directory.Convenience store giant 7-Eleven disclosed a data breach tied to an attack that occurred on April 8, 2026, involving systems that contained franchise-related documents. SecurityWeek article Matt references.CISA has issued an urgent warning about a critical vulnerability in the LiteSpeed cPanel Plugin, tracked as CVE-2026-48172, which is already being actively exploited in the wild.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

The Cybersecurity Defenders Podcast
GitHub repositories compromised, Webworm targets Europe, fake Outlook & cybercriminal VPN / Intel Chat [#326]

The Cybersecurity Defenders Podcast

Play Episode Listen Later May 29, 2026 24:27


Originally recorded: Friday May 22, 2026In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.GitHub has confirmed that roughly 3,800 internal repositories were accessed in a supply chain compromise tied to the hacking group TeamPCP.China-aligned threat actor Webworm has shifted its targeting focus from Asia to Europe, according to new research published by ESET.Researchers uncovered a previously undocumented Microsoft 365 account takeover panel that integrates directly with Evilginx Pro infrastructure to streamline token theft and post-compromise operations.European and North American law enforcement agencies announced the dismantling of “First VPN,” a VPN service allegedly built to support cybercriminal activity including ransomware operations, data theft, scanning, and denial-of-service attacks.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

The Cybersecurity Defenders Podcast
"Dirty Frag", Canvas ransomware attack, “Mini Shai-Hulud” malware campaign & AI-developed zero-day exploit / Intel Chat [#324]

The Cybersecurity Defenders Podcast

Play Episode Listen Later May 18, 2026 28:49


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Researchers have disclosed a new Linux local privilege escalation technique called “Dirty Frag,” which chains together two kernel vulnerabilities: CVE-2026-43284 in xfrm-ESP handling and CVE-2026-43500 in RxRPC.The breach affecting educational technology provider Instructure has raised broader concerns about the security dependencies schools have on third-party cloud platforms.Security researchers at Aikido are tracking a major expansion of the “Mini Shai-Hulud” malware campaign targeting the npm ecosystem.Google Threat Intelligence Group says threat actors are moving from experimental AI usage toward large-scale operational integration of generative models across the cyberattack lifecycle.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

The Cybersecurity Defenders Podcast
Does the rise of AI mean human-led SOCs are obsolete? With Dr. Adeel Shaikh Muhammad [#322]

The Cybersecurity Defenders Podcast

Play Episode Listen Later May 13, 2026 25:18


Dr. Adeel Shaikh Muhammad, a cybersecurity strategist and global speaker with over 16 years of experience across information security, networks, and systems. Adeel brings a practical perspective on how organizations can adapt to evolving cyber threats and the growing role of AI in cybersecurity. Adeel, with an extraordinary portfolio of 40+ industry certifications, including CISSP, CISM, CISA, CCISO, PMP, CEH, ISO 27001 Lead Implementer & Auditor, and a robust suite of advanced Cisco, Microsoft, Fortinet, Barracuda, ITIL, PRINCE2, and AI-related credentials, he is a benchmark of technical mastery and visionary execution. His academic excellence includes a Master's in Cybersecurity and a current Doctorate in Business Administration (DBA) focused on the impact of AI in Security Operations Centers (SOCs) in the Gulf region.Adeel is the author of two acclaimed books—“AI-Driven Transformation of Security Operations Center (SOC)” and “AI and Us: The Ethical Choices”—bridging the critical intersection of AI innovation and ethical leadership.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io

Cloud Security Podcast by Google
EP277: CISO as CFO, From Citi to Celery, It's All about the Cabbage

Cloud Security Podcast by Google

Play Episode Listen Later May 13, 2026 25:13


Guest: Arvin Bansal, CISO, C&S Wholesale Grocers Topics: Most people do not associate grocery wholesale and retail with cutting edge technology and threat models. Can you produce the receipts for why this isn't a story of dry goods but rather a very meaty topic with beefy adversaries?  How are you as the CISO enabling C&S's journey into AI and LLM driven work? Securing AI is a bit harder than securing classic analytics tools, right? In addition to securely rolling out AI, how is your defense team using AI to secure C&S? Are you into the era of agentic triage and response?  What metrics for AI is your D&R lead surfacing up to you? You have AI in the business process that - if failed - will leave people hungry. How do you approach AI resilience?  How do you approach resilience in general? Is cloud part of your resilience strategy? You worked at Citigroup for a long time. What's it like having grocery margin budgets for security instead? How does your thinking change? Does this shift your build/buy/outsource for security?  If your IoT stack falls over, you've got literal ice cream melting in a warehouse. How do you balance your investments in cyber risk with physical operational risk? Should I be scared of forklifts? Resources: EP275 Google Cloud Next 2026: The AI Earthquake, "SOC-home" Syndrome, and the Ragged Edge of Reality EP247 The Evolving CISO: From Security Cop to Cloud & AI Champion EP208 The Modern CISO: Balancing Risk, Innovation, and Business Strategy (And Where is Cloud?) EP212 Securing the Cloud at Scale: Modern Bank CISO on Metrics, Challenges, and SecOps

The Cybersecurity Defenders Podcast
Daily breach attempts target UAE, fake ransomware attack, PAN-OS vulnerability & Microsoft's Phone Link attack / Intel Chat [#321]

The Cybersecurity Defenders Podcast

Play Episode Listen Later May 12, 2026 27:28


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.The cyber threat environment in the Middle East has intensified sharply following military operations involving Israel, the United States, and Iran. An intrusion campaign attributed with moderate confidence to the Iranian state-linked group MuddyWater was disguised as a Chaos ransomware attack, according to research from Rapid7.Palo Alto Networks has warned customers that a critical remote code execution vulnerability in PAN-OS is being actively exploited in the wild.Attackers are abusing Microsoft's Phone Link application in a campaign that Cisco Talos says has been active since January. Report here.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

The Cybersecurity Defenders Podcast
Power systems under threat, Claude Mythos, suspicious KICS activity & JFrog / Intel Chat [#319]

The Cybersecurity Defenders Podcast

Play Episode Listen Later May 6, 2026 31:14


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Researchers are raising concerns about a new cybersecurity risk emerging from the systems that regulate electrical power inside modern electronics and infrastructure.Japan's financial sector is responding to concerns around Anthropic's new AI model, Claude Mythos, which some officials believe could significantly impact cybersecurity.Docker and Socket researchers discovered that malicious images were pushed to the official checkmarx/kics Docker Hub repository, indicating a supply chain compromise affecting the KICS infrastructure-as-code scanning tool.JFrog security researchers identified a malicious npm package published as @bitwarden/cli version 2026.4.0 that impersonates the legitimate Bitwarden command-line client.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

The Cybersecurity Defenders Podcast
How AI adoption in enterprise infrastructure has expanded the attack surface with Katherine McNamara from Cisco / Defender Fridays [#318]

The Cybersecurity Defenders Podcast

Play Episode Listen Later May 4, 2026 36:15


Today on Defender Fridays, Katherine McNamara, Cybersecurity Technical Solutions Architect at Cisco, joins us to discuss how AI and ML adoption in enterprise infrastructure has expanded the attack surface for AI-driven systems.She'll walk through the security challenges unique to generative AI and ML-based architectures, and cover the four critical components: Model, Data, Application, and System, that organizations need to secure to maintain integrity.Katherine works for Cisco as a Cybersecurity Systems Engineer by day and by night, she's labbing and trying new things with the resources she has available. Katherine loves technology and getting her hands into the CLI or trying something new. She holds a Bachelors of Science and Masters of Information Security and Assurance from Western Governors University as well as several industry certifications. Register for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!Sponsored by LimaCharlieThis episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.Why LimaCharlie?Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.Try the Agentic SecOps Workspace free: https://limacharlie.ioLearn more: https://docs.limacharlie.io/Follow LimaCharlieSign up for free: https://limacharlie.io/LinkedIn: / limacharlieio X: https://x.com/limacharlieioCommunity Discourse: https://community.limacharlie.com/Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie

the csuite podcast
Show 297 - Google Cloud NEXT, Part 1 of 3 - AI, Security & the New Enterprise Architecture

the csuite podcast

Play Episode Listen Later May 1, 2026 42:51


The first of three episodes recorded at Google Cloud NEXT, Las Vegas in partnership with Kyndryl, the world's largest IT infrastructure services provider Host Russell Goldsmith was joined by: 1/ Kris Lovejoy, Global Head of Strategy, Kyndryl 2/ Vincenzo Forciniti, AI Adoption and Data Platform Leader, Fastweb & Vodafone 3/ Adrian Tatsch, VP AI Technology & Innovation, Equifax 4/ Patrick Bobrukiewicz, VP Data Services, Thrive Restaurant Group 5/ Kaapro Kanto, VP, Cybersecurity & Digital Platforms, DNA 6/ Brad Duff-Hudkins, VP Data Analytics, Next After Each of our guests offered a grounded, real‑world view of AI adoption at scale. The episode opens with Kris Lovejoy, Global Head of Strategy at Kyndryl, who outlines why digital sovereignty, geopolitical risk and regulatory pressure are reshaping enterprise architecture. She also breaks down the guardrails required for employee productivity tools versus mission‑critical agentic systems and why modernisation itself has become a security control. Next, Vincenzo Forciniti, AI Adoption & Data Platform Leader at Fastweb and Vodafone Italia, discusses the data‑unification challenges following Fastweb's acquisition of Vodafone Italia. He shares how the team built a shared data catalogue, why change management is often harder than technology, and how modernising legacy stacks is enabling scaled AI across SDLC optimisation, operations and customer‑facing processes. We then hear from Adrian Tatsch, VP of AI Technology & Innovation at Equifax, who explains how the company is connecting APIs to AI agents using Apigee MCP, and how Equifax's multi‑billion‑dollar cloud transformation has accelerated AI maturity. Adrian explains how Equifax is redefining human vs. non‑human work, upskilling, and measuring ROI across the organisation. Patrick Bobrukiewicz, VP of Data Services at Thrive Restaurant Group, shares a hospitality‑sector perspective on AI adoption. Kaapro Kanto, VP, Cybersecurity & Digital Platforms, DNA explains how DNA moved from traditional network operations to AI‑driven SecOps, enabling small businesses to benefit from enterprise‑grade detection, automation and response, and why the biggest barrier to AI maturity is shifting from pilot experiments to trusted, scalable operational models. And finally Brad Duff‑Hudkins, VP of Data Analytics at NextAfter, explains how his team used Google's data engineering agents to cut onboarding time from 2–3 weeks to just 72 hours, and why agentic AI is already unlocking faster, more personalised, more scalable data operations for lean teams. A fast, insight‑rich episode capturing the reality of AI transformation inside complex global enterprises, from security and sovereignty to data foundations, workflow automation and the future of human‑machine collaboration.

The Cybersecurity Defenders Podcast
Cybersecurity is a core leadership issue & opportunity with David Chernitzky from Armour Cybersecurity [#317]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Apr 29, 2026 35:30


Today David Chernitzky, Co-Founder and CEO of Armour Cybersecurity, breaks down the challenges small and mid-sized businesses face in the new blink-and-you-miss-it cybersecurity landscape. Don't be left behind and open yourself to AI-driven attacks from threat actors.David Chernitzky brings over 25 years of deep cybersecurity and military cyber intelligence experience, with a career rooted in strategic risk management and protecting critical systems against advanced threats. As the driving force behind Armour Cybersecurity, he has guided the company's growth into a trusted global security partner for enterprises and small-to-midsized organizations. David combines strategic vision with hands-on expertise to deliver practical, high-impact cyber defence solutions. Learn more here: https://armourcyber.io/Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io

The Cybersecurity Defenders Podcast
Millions in crypto stolen, Vercel breach, Mastodon DDoS attack, North Korean IT workers at 100s of U.S. companies & ransomware negotiator pleads guilty / Intel Chat [#316]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Apr 27, 2026 31:57


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.North Korea-linked hackers are believed to be responsible for a $290 million cryptocurrency theft targeting the Kelp DAO decentralized finance protocol.Vercel, the company behind the popular Next.js web framework and a frontend cloud platform for deploying and hosting web applications, has confirmed that it suffered a security breach involving unauthorized access to internal systems.The decentralized social media platform Mastodon experienced a major distributed denial-of-service attack that caused a significant outage on its flagship server, Mastodon.social.Two U.S. nationals have been sentenced for helping North Korean remote IT workers fraudulently obtain jobs at more than 100 U.S. companies using stolen American identities.A former ransomware negotiator has pleaded guilty to conspiring with the BlackCat/ALPHV ransomware group to conduct attacks against U.S. organizations in 2023.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

The Cybersecurity Defenders Podcast
Real examples of AI-powered code scanning with Jeff McJunkin from Rogue Valley Information Security / Defender Fridays [#315]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Apr 27, 2026 32:41


Jeff McJunkin, Founder of Rogue Valley Information Security, joins Defender Fridays to talk AI-powered code scanning for vulnerabilities. Jeff walks through real examples including using AI to find privilege escalation bugs in the Linux kernel.Jeff McJunkin is the founder of Rogue Valley Information Security, a consulting firm specializing in penetration testing and red team engagements. Jeff found the offensive side of cyber security very alluring during one the first penetration tests of his career. Feeling the challenge of host defenses like AV and centralized logging, and, at the time, knowing nothing about AV evasion or avoiding events that are likely to cause alerts, it was all very exciting. The challenge of successfully accomplishing the goal of that pen test, using essentially only native tools, was addictive for Jeff. He was hooked. Since those first penetration tests, Jeff has gone on to become an expert in the field, doing assessments for Fortune 100 companies, architecting two major versions of Core NetWars Experience, and contributing a vast amount of material to SANS Penetration Testing.Register for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!Sponsored by LimaCharlieThis episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.Why LimaCharlie?Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.Try the Agentic SecOps Workspace free: https://limacharlie.ioLearn more: https://docs.limacharlie.io/Follow LimaCharlieSign up for free: https://limacharlie.io/LinkedIn: / limacharlieio X: https://x.com/limacharlieioCommunity Discourse: https://community.limacharlie.com/Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie

CIO Classified
How to Close the Machine-Speed Gap in Cyber Defense with Nik Seetharaman of Wraithwatch

CIO Classified

Play Episode Listen Later Apr 23, 2026 29:39


Nik Seetharaman has watched the offensive side of cybersecurity adopt AI tools at a pace defenders can't match. So, he built a company to close that gap.  Before founding Wraithwatch, he was the first CIO of Anduril, a defense tech company he joined when it was 100 people and helped scale through hypergrowth. His path (Palantir to SpaceX to building AI-native cyber defense platforms for over a dozen federal agencies) gives him a view most CIOs and CISOs don't have. In this episode, Nik makes the case that AI has created a forcing function for CIOs and CISOs to finally work together, plus, shares how to run a pilot that actually moves the needle, why blocking AI tools backfires, and what the OpenClaw security drama gets right and wrong. 3 Takeaways: The CIO-CISO turf war is now a competitive disadvantage. Whoever figures out AI collaboration first wins. Treat every internal AI rollout like a startup: small cohort, parallel security review, measure the outcome in revenue. The best investment a new CIO can make isn't a security stack—it's coffee with people. Chapters: [01:46] What Wraithwatch Builds [05:25] AI Forces CIO / CISO Alignment [07:55] OpenClaw Security Tradeoffs [09:21] SecOps at Developer Speed [12:49] Rolling Out Risky Tools [14:44] Why Leaders Must Use AI [19:01] How to Reorg for the AI Era [22:30] Vendor Hunting for Grand Slams [25:49] $30M Contract and What's Next About Nik: Nik Seetharaman is the Founder and CEO of Wraithwatch, a next-generation cyber defense company building AI-native command-and-control platforms for the United States and its allies. He co-founded the company alongside fellow SpaceX alumni Grace Clemente and Carlos Moss. Before starting Wraithwatch, Nik served as the first CIO of Anduril, a defense technology company he joined when it was approximately 100 people, where he built the cybersecurity function from the ground up and saw the company through hypergrowth. His career spans cybersecurity leadership roles at Palantir, SpaceX, and Andel, giving him a rare vantage point across the offense-defense asymmetry that defines today's threat landscape.  Guest Highlights:"You can't have the attackers operating at the speed of a machine out here, and the defenders operating at the speed of a human in here." "Any business that's able to figure out this equation and execute it successfully is going to just crush their competition—because they're gonna move at warp speed and their competition will still be moving at human speed." "If I could rewind my first days at Andel, it's not to deploy more controls, it's not to learn about some new security stack or software—I would've just had more coffee with people. The human capital you build doing that pays off in spades. Because that's the thing that's rare in an age where the machines are taking over." Get Connected: Ian Faison: https://www.linkedin.com/in/ianfaison Nik Seetharaman: https://www.linkedin.com/in/nikseetharaman/ Resources: OpenClaw: https://openclaw.ai LangChain: https://www.langchain.com Cursor: https://cursor.com Our Sponsor:  Want to accelerate software development by 500%? Meet Blitzy, the only autonomous code generation platform with infinite code context, purpose-built for large, complex enterprise-scale codebases. While other AI coding tools provide snippets of code and struggle with context, Blitzy ingests millions of lines of code and orchestrates thousands of agents that reason for hours to map every line-level dependency. With a complete contextual understanding of your codebase, Blitzy is ready to be deployed at the beginning of every sprint. Blitzy handles the heavy lifting, delivering over 80% of the work autonomously. The platform plans, builds, and validates premium-quality code at the speed of compute, turning months of engineering into a matter of days. It's the secret weapon for Fortune 500 companies globally. To hear how engineering leaders are transforming the way they deliver software, visit blitzy.com. Schedule a meeting with their consultants to enable an AI-Native SDLC in your organization today. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The Cybersecurity Defenders Podcast
How can we improve global security? With J. Michael Daniel from Cyber Threat Alliance [#314]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Apr 22, 2026 40:27


J. Michael Daniel, President and CEO of Cyber Threat Alliance (CTA), gives us a peek behind the U.S. Government cybersecurity curtain and how he has helped improve the nation's security through the CTA.Michael leads the CTA team and oversees the organization's operations. Prior to joining the CTA in February 2017, Michael served from June 2012 to January 2017 as Special Assistant to President Obama and Cybersecurity Coordinator on the National Security Council Staff. In this role, Michael led the development of national cybersecurity strategy and policy, and ensured that the US government effectively partnered with the private sector, non-governmental organizations, and other nations. Learn more at: https://www.cyberthreatalliance.org/Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io

The Cybersecurity Defenders Podcast
China-linked group targets cloud workflows, Russian cyber espionage, agentic AI systems flaw & Nginx vulnerability / Intel Chat [#313]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Apr 20, 2026 31:09


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Intercept and control AI agent activity with Viberails by LimaCharlie: viberails.ioAPT41, a China-linked threat group is deploying a previously undetected backdoor targeting Linux based cloud workflows.Fancy bear, also known as APT28 or Forest Blizzard, is a Russian cyber espionage group believed to operate on behalf of the country's military intelligence services, the GRU. Trend Micro research here.Anthropic's Model Control Protocol widely used in agentic AI systems to connect AI agents with data sources, contains a design flaw that would enable large-scale supply chain attacks. Report here.There's a critical vulnerability in nginx-UI, a web-based management interface for Nginx servers, which is being actively exploited and could allow attackers to take full control affected systems.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

The Cybersecurity Defenders Podcast
How do you know your AI agents are actually correct? With Dylan Williams from Spectrum Security / Defender Fridays [#312]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Apr 17, 2026 33:26


Today, Dylan Williams, Co-Founder and Chief Research Officer at Spectrum Security, joins Defender Fridays to dig into that exact problem: self-evaluating agents, trajectory analysis, and what improvement looks like in production.Learn more at https://www.spectrum.security/Register for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!Sponsored by LimaCharlieThis episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.Why LimaCharlie?Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.Try the Agentic SecOps Workspace free: https://limacharlie.ioLearn more: https://docs.limacharlie.io/Follow LimaCharlieSign up for free: https://limacharlie.io/LinkedIn: / limacharlieio X: https://x.com/limacharlieioCommunity Discourse: https://community.limacharlie.com/Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie

The Cybersecurity Defenders Podcast
Understanding how attackers think & helping you avoid threats with Terry Bradley from Mile High Cyber [#311]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Apr 15, 2026 38:57


Terry Bradley, Founder and President of Mile High Cyber, shares how you can uncover vulnerabilities and strengthen your organization's defenses with expert penetration testing and security assessments.Terry is a former hacker for the NSA and uses those same skills at Mile High Club, the firm he founded, to help businesses stay one step ahead of cybercriminals. After a lifelong passion for security, starting with his time as a 1990 graduate of the U.S. Air Force Academy, Terry has spent his career understanding how attackers exploit weaknesses and helping businesses stay ahead of threats. From penetration testing to enterprise risk management, he's worked with organizations of all sizes to uncover vulnerabilities, enhance security resilience, and protect what matters most. Learn more at https://www.milehighcyber.com/Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io

The Cybersecurity Defenders Podcast
Iran-linked cyber attacks U.S. critical infrastructure, FlamingChina, Node.js targeted & Storm-1175 / Intel Chat [#310]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Apr 13, 2026 39:15


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Federal cybersecurity agencies have issued an urgent warning about Iran-linked cyberattacks targeting operational technology (OT) systems across U.S. critical infrastructure.A hacker operating under the alias “FlamingChina” claims to have breached a Chinese state-run supercomputing facility and stolen a large dataset that may exceed 10 petabytes of information.Multiple high-profile maintainers in the Node.js ecosystem report being targeted in a coordinated social-engineering campaign aimed at compromising widely used open-source packages.Microsoft Threat Intelligence reports that the cybercrime group Storm-1175 is conducting rapid ransomware campaigns deploying the Medusa ransomware family.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

The Cybersecurity Defenders Podcast
Levelling up your AI SOC with Joshua Neil from Alpha Level / Defender Fridays [#309]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Apr 10, 2026 34:18


Joshua Neil, Co-Founder of Alpha Level, dives into a more sophisticated understanding of AI SOCs. Join the conversation about this industry change on Defender Fridays.Dr. Joshua Neil, has been a pioneer in applying machine learning to cybersecurity since 2000, starting his journey at Los Alamos National Laboratory. There, he co-developed Pathscan, a network anomaly detection system capable of spotting attacks that slip past traditional defenses. In 2014, he and CEO Mike Pozmantier took that innovation to market by licensing Pathscan to Ernst & Young (EY), turning deep research into enterprise impact.That experience exposed a hard truth: anomaly detection is powerful at catching unknown threats - but on its own, it creates too much noise. Josh went on to tackle the other half of the problem, alert overload, through leadership roles at Microsoft and Securonix, gaining firsthand insight into the real-world struggles of security teams.In 2023, Josh and Mike launched Alpha Level to bring both worlds together: pairing the depth of anomaly detection with the precision of behavioral threat signals. The result? A platform that reduces false positives, adapts to your environment, and lets teams focus on real threats—before they become breaches. Learn more here: https://alphalevel.ai/Learn more at reconinfosec.comRegister for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!Sponsored by LimaCharlieThis episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.Why LimaCharlie?Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.Try the Agentic SecOps Workspace free: https://limacharlie.ioLearn more: https://docs.limacharlie.io/Follow LimaCharlieSign up for free: https://limacharlie.io/LinkedIn: / limacharlieio X: https://x.com/limacharlieioCommunity Discourse: https://community.limacharlie.com/Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie

The Cybersecurity Defenders Podcast
Why cyber analysts are crucial in protecting public infrastructure with Michael Hamilton from PISCES International [#308]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Apr 8, 2026 45:14


Michael Hamilton, Chief Technology Officer at PISCES International, joins us to discuss the benefits of providing real world experience to students while they protect existing public infrastructure. The resilient future of local government security rests in our ability to adapt to changing threats and adopt new technologies, including AI.Learn more at https://pisces-intl.org/30 years in Information Security as a practitioner, entrepreneur, consultant, and in executive management. Direct experience in retail, manufacturing, government, defense, academic, semiconductor, energy, law enforcement, transportation, publishing and financial sectors - from Fortune 1 to small nonprofits. Formerly: Policy Advisor to Washington State, Chief Information Security Officer for the City of Seattle, and Managing Consultant for VeriSign Global Security Consulting. Former Vice-Chair of the DHS State, Local, Tribal and Territorial Government Coordinating Council.Currently: Field CISO, Lumifi CyberSupport our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io

Cloud Wars Live with Bob Evans
How ServiceNow Is Scaling Secure AI with Zenity Integration

Cloud Wars Live with Bob Evans

Play Episode Listen Later Apr 8, 2026 2:20


In today's Cloud Wars Minute, I explain how ServiceNow is enabling secure, scalable adoption of AI agents across the enterprise. Highlights 00:03 — ServiceNow is joining forces with Zenity, the first security and governance platform that's been purpose-built for AI agents. Zenity is becoming a ServiceNow build partner, bringing with it a range of capabilities to ServiceNow Security Operations, including agent security, posture management, and vulnerability assessment. 00:25 — Deepak Kolingivadi, VP of Product Management and Head of Security Products at ServiceNow, said the following about this new partnership: “AI agents are transforming how work gets done across the enterprise, including Security Operations. Our partnership with Zenity strengthens the ServiceNow AI control tower and Security Operations solutions.” 01:01 — Now, collectively, these new capabilities bring to ServiceNow customers a greater ability to scale the use of AI agents safely and with full confidence as part of their existing SecOps processes. And what we're seeing here is ultimately a new category, AI Security Operations, or AI SecOps. 01:26 — It's also important to note that by embedding this governance layer through its build partnership, ServiceNow is demonstrating that it's truly ahead of the curve here. All new products delivered by software vendors need integrated security and governance, and agentic AI is no exception. 01:58 — The key word here is scale. ServiceNow has the tools to drive AI across the breadth of a business, and now through Zenity, it's delivering the ability to do this at scale. Visit Cloud Wars for more.

The Cybersecurity Defenders Podcast
Iran's IRGC threatens U.S. tech companies, FBI Director hacked, Venom Stealer & Hasbro cyber attack / Intel Chat [#307]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Apr 6, 2026 23:17


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Iran's Islamic Revolutionary Guard Core, or the IRGC, announced that it plans to begin attacks on more than a dozen American technology companies operating across the middle east, starting after 8pm Tiran time on April 1st.A pro-Iranian hacking group, known as Hendala, has claimed responsibility for breaching a personal account belonging to FBI Director, Kash Patel.A newly discovered malware-as-a-service platform called Venom Stealer is automating the creation and deployment of quick-fix social engineering attacks, significantly lowering the barrier for cyber criminals.Toy and entertainment company, Hasbro, disclosed that it experienced a cyber attack that disrupted some of its internal operations, in a filing with the U.S. Securities and Exchange Commission.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

ITSPmagazine | Technology. Cybersecurity. Society
When Every Second Counts, Who Knew What and When? | A Brand Spotlight at RSAC Conference 2026 with Vaughan Shanks, Co-Founder and CEO of Cydarm Technologies

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Apr 2, 2026 18:55


In the middle of a major incident, security teams face a brutal paradox: the faster things move, the harder it becomes to capture what's actually happening. Cydarm Technologies was built to solve exactly that. Vaughan Shanks, Co-Founder and CEO, describes the platform as a system of record for the SOC -- a purpose-built case management tool that captures who knew what, when, and why, in real time, throughout the lifecycle of an incident. Most of Cydarm's customers sit in government, defense, and critical infrastructure -- organizations where the pressure of regulatory compliance, legal accountability, and board-level reporting is highest. But the value extends well beyond compliance. Shanks draws a direct line from his time in Australian federal government to the philosophy behind Cydarm: good record keeping is good governance. When a capital-I incident is declared, legal, HR, communications, the C-Suite, and the board all need a view in. Cydarm's fine-grained, attribute-based access control makes it possible to give each stakeholder exactly the access they need -- and no more. What sets Cydarm apart from the ticketing systems most teams already have? Shanks puts it plainly: ITSM was built for IT service management, not adversarial cyber threats. The volume, velocity, and variety of SecOps are simply different. Cydarm is designed to feel more like WhatsApp and less like ITSM -- rich data format support, Easy Connect integrations, and a collaborative experience built specifically for high-frequency security operations. Teams that have built workarounds in existing tools know the maintenance burden that comes with it. Cydarm eliminates that mess. The post-incident dimension is where the system of record pays compounding dividends. Shanks outlines three paths: individual incident reports with adjustable significance levels for different audiences; longitudinal metrics capture that reveals the threat environment your controls aren't blocking; and resource justification data that gives security leaders the evidence to defend headcount and budgets. One customer -- a security leader at a major household brand -- had never experienced a breach, and had long struggled to justify the size of their team. With Cydarm's metrics, they finally had the data to make the argument. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Vaughan Shanks, Co-Founder and CEO, Cydarm Technologieshttps://www.linkedin.com/in/vaughan-shanks/ RESOURCES Cydarm Technologies: https://www.cydarm.com KEYWORDS Vaughan Shanks, Cydarm Technologies, Sean Martin, brand spotlight, brand story, brand marketing, marketing podcast, cyber incident response, SOC case management, security operations, incident management platform, system of record, RSAC Conference 2026, NIST incident response, playbook management, SecOps, ITSM alternatives, post-incident review, threat metrics, CISO accountability Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Cybercrime Magazine Podcast
RSAC 2026. Marlink On Stellar Cyber Partnership, AI, & More. Youri Hart, VP Products & Solutions.

Cybercrime Magazine Podcast

Play Episode Listen Later Apr 2, 2026 3:51


Youri Hart is the VP of Products & Solutions at Marlink. In this episode, he joins host Amanda Glassner at the 2026 RSA Conference, where they discuss Marlink's partnership with Stellar Cyber, AI's impact on SecOps outcomes, and more. This episode is brought to you by Stellar Cyber. To learn more about our sponsor, visit https://StellarCyber.ai.

The Cybersecurity Defenders Podcast
Malicious geopolitical cyber activity, cyberattacks tied to conflict in Iran, open source supply chain attack & AI autonomous espionage / Intel Chat [#306]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Mar 30, 2026 35:36


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Since the onset of the conflict in the Gulf region, cybersecurity researchers have observed a noticeable rise in malicious cyber activity tied to geopolitical events.Unit 42 researchers are warning about an increased risk of destructive cyberattacks tied to the conflict involving Iran.The hacking group known as TeamPCP has expanded a large-scale supply chain campaign targeting widely used open source software ecosystems.In September 2025, Anthropic disclosed an incident in which a state-sponsored threat actor used an AI coding agent to conduct an autonomous cyber espionage campaign targeting 30 organizations worldwide.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

The Cybersecurity Defenders Podcast
What makes a strong security team? With Andrew Cook from Recon InfoSec / Defender Fridays [#305]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Mar 27, 2026 32:02


This week on Defender Friday we are joined by Andrew Cook, CTO of Recon InfoSec, to talk about what it means to build a strong security team and why hiring builders is always a good bet.As the CTO of Recon InfoSec, a leading provider of managed security operations, Andrew oversees the technical vision, strategy, and execution of their services and solutions. He has more than a decade of experience in threat hunting, digital forensics, network defense, and capability development.Andrew's mission is to provide customers with the expertise they need to confidently and effectively respond to incidents, protect their organizations, and enhance their resilience. He has a proven track record of delivering high-quality results, leading and mentoring teams, and collaborating with partners across the industry and the government. Andrew is also a former Air Force officer, with national-level contributions and a passion for technical leadership.Learn more at reconinfosec.comRegister for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!Sponsored by LimaCharlieThis episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.Why LimaCharlie?Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.Try the Agentic SecOps Workspace free: https://limacharlie.ioLearn more: https://docs.limacharlie.io/Follow LimaCharlieSign up for free: https://limacharlie.io/LinkedIn: / limacharlieio X: https://x.com/limacharlieioCommunity Discourse: https://community.limacharlie.com/Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie

The Cybersecurity Defenders Podcast
Bringing 40+ year old industrial security systems into the 21st century with Justin Searle from InGuardians [#304]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Mar 25, 2026 31:08


Justin Searle, Director of ICS Security at InGuardians, joins us today to talk about the challenges facing industrial control system security. With increased attack surface areas and maintaining and updating decades-old systems, Justin's dedication to informing and educating newcomers and experts alike is more important now than ever before.As the Director of ICS Security at InGuardians, Justin specializes in ICS security architecture design and penetration testing. He led the Smart Grid Security Architecture group in creating the NIST Interagency Report 7628 and has played key roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG), National Electric Sector Cybersecurity Organization Resources (NESCOR), and Smart Grid Interoperability Panel (SGIP). Justin is the owner of ControlThings LLC, a member of the SANS faculty, and an instructor at BlackHat. He has authored and taught numerous courses such as ICS410: ICS/SCADA Security Essentials, Assessing and Exploiting Control Systems and IIoT, Assessing and Exploiting Web Applications with SamuraiWTF, and SEC542: Web App Penetration Testing and Ethical Hacking. Justin also presents on a range of cybersecurity topics at leading security conferences across the globe.Learn more at: controlthings.ioSupport our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io

The Cybersecurity Defenders Podcast
Is it smart to have AI agents act as employees? With David Burkett from Corelight / Defender Fridays [#303]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Mar 20, 2026 35:25


David Burkett, Cloud Security Researcher at Corelight, is back on Defender Fridays this week to discuss thinking in pipelines for AI agents.As a dedicated and highly experienced Cloud Detection Engineer and Security Architect, David has the privilege of working at a Fortune 50 Company where he leverages his extensive background in cybersecurity to protect digital assets. With a proven track record of building three different Cyber Security Operations Centers for multiple MSSP/MDR providers.David's expertise is backed by a strong set of GIAC certifications, including GCTI, GCIA, GPYC, and GCED... among others. He's proud to have been part of a large overall security team that won the prestigious James S. Cogswell Outstanding Industrial Security Achievement Award from the Defense Counterintelligence and Security Agency. Our security operations center was recognized as being among the top 1% of cybersecurity programs for all cleared facilities.In addition to his hands-on experience, David has consulted for over 40 Fortune 500 Companies and Large Federal Organizations, helping them manage their SOAR platforms and playbooks. As a strong believer in knowledge sharing and collaboration, he's also an active contributor to the open-source detection security project known as Sigma. Learn more at https://corelight.com/Register for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!Sponsored by LimaCharlieThis episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.Why LimaCharlie?Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.Try the Agentic SecOps Workspace free: https://limacharlie.ioLearn more: https://docs.limacharlie.io/Follow LimaCharlieSign up for free: https://limacharlie.io/LinkedIn: / limacharlieio X: https://x.com/limacharlieioCommunity Discourse: https://community.limacharlie.com/Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie

The Cybersecurity Defenders Podcast
How to think long-term growth in an AI-dominated industry with Stel Valavanis from onShore Networks [#302]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Mar 19, 2026 38:51


Today we're speaking with Stel Valavanis, Founder and Chairman at onShore Networks and Co-Founder at The Gallery Building, about sustaining a security company over three decades of industry changes. We also dive into investing in start ups and how founders can think long term about governance and growth.Stel has over 40 years of experience ranging from software development to network design and cybersecurity. He's founded 8 companies, invested in 10 more, and sit on various boards. His goal is to build the best tech stack for his customers but also wants to pay forward and make investments in startups, leveraging his knowledge and resources. Stel is always open to board positions and speaking engagements on cybersecurity, media technology, startup investing, and entrepreneurship.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io

Next in Tech
The RSAC Conference – Agents on The Loose

Next in Tech

Play Episode Listen Later Mar 18, 2026 28:36


The RSAC Conference, a major cybersecurity gathering in the spring, is coming up and the impacts of agents will be on full display. Scott Crawford, Brenon Daly, and Dan Kennedy join host Eric Hanselman to explore their expectations and look at what's been taking place in both the marketplace, investments and M&A activity. Agents are automating tasks, not jobs, and there are a great set of use cases, but they're not a panacea. There will be disruption, but it will be in specific areas, rather than a universal replacement of existing tooling. Are we industrializing the automated creation of software? Will agents really replace SaaS applications? We're clearly in the early days, but these questions are causing massive market shifts. A better question is how agentic interactions will change how we interact with the applications that drive businesses today. Join the team at RSAC and get all the details we didn't have time to cover. The annual 451 Research breakfast will be on, as always, so you can meet the team in person.    More S&P Global Content: 451 Research RSAC Breakfast 2026: Beyond the shine of AI, a new cyber reality is unfolding Next in Tech | Ep. 222: FinOps – Managing Cloud and AI Costs Next in Tech | Ep. 205: Agentic AI Impacts       RSAC Conference 2025: Breaking records at the threshold of uncertainty   For S&P Global subscribers: An ominous opening for RSA AI, automation enhance SecOps by reducing alert burdens, boosting efficiency Software's bloodless evolution turns bloody Big Picture 2026 AI Outlook: Unleashing agentic potential   Credits: Host/Author: Eric Hanselman Guests: Scott Crawford, Brenon Daly, Daniel Kennedy Producer/Editor: Feranmi Adeoshun Published With Assistance From: Sophie Carr, Kyra Smith  

The Cybersecurity Defenders Podcast
Cyber Strategy for America, new targets in war in Iran, Camaro Dragon & medical manufacturer Stryker attacked / Intel Chat [#301]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Mar 17, 2026 32:58


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.The White House released President Trump's Cyber Strategy for America, outlining a national framework to strengthen both defensive and offensive cybersecurity capabilities.Iran has expanded the scope of potential targets in the ongoing conflict with Israel and the United States by identifying infrastructure tied to major American technology companies in the Middle East as “legitimate targets.”Chinese-linked threat actors have launched cyberattacks against organizations in Qatar shortly after the initial US-Israel strikes on Iran, indicating a shift in regional targeting strategy.An Iranian-linked hacking group has claimed responsibility for a cyberattack on U.S.-based medical equipment manufacturer Stryker, which disrupted the company's technology operations across its global offices.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

AI in Action Podcast
ServiceNow Series E216: 'Building a Winning ServiceNow Strategy' with Crossfuze's David Shake

AI in Action Podcast

Play Episode Listen Later Mar 16, 2026 23:02


Today's guest is David Shake, Director, ServiceNow PMO - North America at Crossfuze. Founded in 2000, Crossfuze is a global consulting and services firm specializing in the ServiceNow platform. As a 2025 ServiceNow Partner of the Year, Crossfuze helps organizations accelerate digital transformation through advisory, implementation and managed services. The company focuses on optimizing workflows, improving service delivery and enabling customers to maximize the value of their ServiceNow investments.David is a focused and innovative professional with strong leadership, management, and communication skills. He excels in balancing competing priorities while building collaborative teams and strong client relationships. As a Client Lead at Crossfuze, David directs complex projects involving process and system design, resource management, and global service delivery. Passionate about customer success, David leverages his ServiceNow expertise to deliver operational excellence and help clients achieve their business goals.In the episode, David talks about:0:00 His journey from Xerox sales intern to service delivery leader5:47 Crossfuze as an elite ServiceNow partner offering implementations and support6:59 Delivering ServiceNow reveals gaps between vision and reality10:13 The need to be honest, realistic and solution-focused in implementations13:45 Seeing growing demand in SecOps and risk management16:00 How Crossfuze's small size cultivates a collaborative, expert-driven culture18:14 Why Crossfuze's reputation and expert breadth drive industry differentiationTo find out more about all the great work happening at Crossfuze, check out the website www.crossfuze.com

The Cybersecurity Defenders Podcast
Learning how to trust that AI is secure with Saurabh Shintre from Realm Labs / Defender Fridays [#299]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Mar 9, 2026 30:33


Saurabh Shintre, Founder and CEO of Realm Labs, is on Defender Fridays today to discuss securing AI from within.Saurabh previously led the AI security research at Splunk and Symantec. He has been at the forefront of AI security research for nearly a decade with multiple publications and patents and regularly features on public forums on issues regarding security and AI. Saurabh holds a PhD from Carnegie Mellon. Learn more at https://www.realmlabs.ai/Register for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!Sponsored by LimaCharlieThis episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.Why LimaCharlie?Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.Try the Agentic SecOps Workspace free: https://limacharlie.ioLearn more: https://docs.limacharlie.io/Follow LimaCharlieSign up for free: https://limacharlie.io/LinkedIn: / limacharlieio X: https://x.com/limacharlieioCommunity Discourse: https://community.limacharlie.com/Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie

The Cybersecurity Defenders Podcast
Drones damage data centers, Iranian cyber retaliation, Sloppy Lemming & Honeywell vulnerability / Intel Chat [#300]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Mar 9, 2026 35:43


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Iranian drone strikes damaged three Amazon Web Services data center facilities in the Middle East, highlighting the physical risks associated with large-scale cloud infrastructure.Cyber activity linked to Iran and pro-Iranian actors has intensified following a joint US–Israeli military strike on Iran that killed Supreme Leader Ayatollah Ali Khamenei and several other government officials.The India-linked advanced persistent threat group known as “Sloppy Lemming” has significantly increased its cyber operations over the past year, targeting organizations in Pakistan, Bangladesh, and other parts of South and Southeast Asia.A cybersecurity researcher has reported a potentially serious vulnerability in Honeywell's IQ4 building management controller, though the vendor disputes both the severity and practical impact of the issue.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

The Cybersecurity Defenders Podcast
North Korean malware interviews, FortiGate firewall compromised, Cisco zero-day & Citrini Research AI future / Intel Chat [#298]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Mar 3, 2026 42:30


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.GitLab's Threat Intelligence Team published detailed findings on North Korean activity associated with the Contagious Interview campaign and broader IT worker operations.A financially motivated, Russian-speaking threat actor used generative AI tools to compromise more than 600 Fortinet FortiGate firewall instances between January and February, according to Amazon Web Services.Cisco has released emergency patches for a critical zero-day vulnerability in its Catalyst SD-WAN products that has been actively exploited in the wild.Citrini Research presents a forward-looking scenario framed as a June 2028 macro memo describing a “Global Intelligence Crisis” triggered by abundant AI-driven intelligence.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

The Cybersecurity Defenders Podcast
AI Red Teaming with John V from the Institute for Security and Technology / Defender Fridays [#297]

The Cybersecurity Defenders Podcast

Play Episode Listen Later Feb 27, 2026 30:38


John V, AI risk, safety, and security at the Institute for Security and Technology (IST), joins Defender Fridays today. John's work spans AI red teaming, adversarial machine learning, AI evals and validation, and AI risk assessment, including policy work at the intersection of AGI and nuclear strategic stability. Learn more at https://securityandtechnology.org/Register for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!Sponsored by LimaCharlieThis episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.Why LimaCharlie?Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.Try the Agentic SecOps Workspace free: https://limacharlie.ioLearn more: https://docs.limacharlie.ioFollow LimaCharlieSign up for free: https://limacharlie.ioLinkedIn: / limacharlieio X: https://x.com/limacharlieioCommunity Discourse: https://community.limacharlie.com/Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie

The Cybersecurity Defenders Podcast
#296 - How to Strengthen Cyber Resilience in an AI Era with Chris Cochran from SANS Institute

The Cybersecurity Defenders Podcast

Play Episode Listen Later Feb 25, 2026 31:15


On this episode of The Cybersecurity Defenders Podcast, we speak with Chris Cochran, Field CISO & Vice President of AI Security at SANS Institute, about how to navigate the future of AI risk and security strategyChris works at the intersection of cyber defense, AI safety, and emerging risk, where the threats are converging and the playbooks are still being written. His career has taken him from the Marine Corps to NSA, U.S. Cyber Command, the U.S. House of Representatives, Mandiant, and Netflix. Across every role, one throughline: understanding adversaries, building high-trust teams, and translating complex problems into strategies leaders can act on.Today, Chris advises organizations, governments, and research institutions on AI governance, agentic threat preparedness, and unifying safety and security into a single discipline. He contributes to global standards efforts including the EU AI Act (via OWASP AI) and leads executive education on cybersecurity and AI strategy at SANS.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io

The Cybersecurity Defenders Podcast
#295 - Intel Chat: DoppelBrand targets fortune 500s, Android malware Keenadu, attackers expand AI adoption & endless AI-driven threats

The Cybersecurity Defenders Podcast

Play Episode Listen Later Feb 23, 2026 40:04


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A financially motivated threat actor known as GS7 is conducting a large-scale phishing campaign called Operation DoppelBrand, targeting Fortune 500 companies by impersonating their corporate login portals.Kaspersky researchers have analyzed a newly identified Android malware strain named Keenadu that provides attackers with remote control over infected devices.Application Programming Interfaces continue to be a primary attack surface, and new research from Wallarm shows the problem is accelerating as AI adoption expands.Hacker News outlines cybersecurity technology priorities for 2026, framing the environment as one of continuous instability rather than periodic disruption.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

The Cybersecurity Defenders Podcast
#294 - Defender Fridays: How is AI reshaping app security? With Farshad Abasi from Eureka DevSecOps

The Cybersecurity Defenders Podcast

Play Episode Listen Later Feb 20, 2026 30:41


This week on Defender Fridays, Farshad Abasi, Founder and CEO of Forward Security and Eureka DevSecOps, discusses how AI can help us set a new standard in app and cloud security. Farshad brings over 27 years of industry experience to the forefront of cybersecurity innovation. His professional journey includes key technical roles at Intel and Motorola, evolving into senior security positions as the Principal Security Architect for HSBC Global, and Head of IT Security for the Canadian division. Farshad's commitment to the field extends to his role as an instructor at BCIT, where he imparts his wealth of knowledge to the next generation of cybersecurity experts. His diverse experience, which spans startups to large enterprises, informs his approach to delivering adaptive and reliable solutions.Engaged actively in the cybersecurity community through roles in BSides Vancouver/MARS, OWASP Vancouver/AppSec PNW, and as a CISSP designate, Farshad's vision and leadership continue to drive the industry forward. Under his guidance, Forward Security is setting new standards in application and cloud security. Learn more at https://www.eurekadevsecops.com/ and https://forwardsecurity.com/Register for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!Sponsored by LimaCharlieThis episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.Why LimaCharlie?Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.Try the Agentic SecOps Workspace free: https://limacharlie.ioLearn more: https://docs.limacharlie.ioFollow LimaCharlieSign up for free: https://limacharlie.ioLinkedIn: / limacharlieio X: https://x.com/limacharlieioCommunity Discourse: https://community.limacharlie.com/Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie

The Cybersecurity Defenders Podcast
#293 - Intel Chat: Russian cyber ops, Sygnia, Ollama & TeamPCP

The Cybersecurity Defenders Podcast

Play Episode Listen Later Feb 16, 2026 35:49


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Russian cyber operations have maintained a consistent focus on exploiting both tactical and strategic targets within the defense industrial base, particularly in the context of the war in Ukraine.Sygnia has disclosed a large-scale, AI-driven scam operation involving over 150 cloned websites impersonating law firms.A joint investigation by SentinelLabs and Censys has revealed a growing ecosystem of publicly exposed AI compute infrastructure, driven largely by deployments of Ollama - an open-source framework for running large language models locally.Flare has identified a widespread, ongoing campaign attributed to a threat actor group known as TeamPCP -also operating under aliases such as PCPcat and ShellForce - which has compromised over 60,000 servers worldwide since late December.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

Colorado = Security Podcast
283 - 2/16 - Cody Cornell, CEO of Swimlane

Colorado = Security Podcast

Play Episode Listen Later Feb 15, 2026 83:54


Our featured guest this monthCody Cornell, CEO and founder of Swimlane, interviewed by Frank Victory. News from Great American Beer Festival, Lumen, Zvelo, RADICL, Ping Identity, Red Canary and a lot more! Welcome back to the Colorado = Security podcast, where today we're trading the icebreakers of Antarctica for the high-stakes world of global SecOps! Join us as Cody Cornell, the visionary CEO of Swimlane, reveals how he pivoted from the front lines of the Coast Guard to building the future of security automation. It's time to find out if your organization is a fortress of governance or just a glass house waiting for a stone—let's dive in!https://www.linkedin.com/in/codycornell/https://swimlane.com/https://www.linkedin.com/in/frank-victory/https://snowfroc.com/ Come join us on the Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Great American Beer Festival relocates from downtown Denver Colorado now has 6 million people, even amid slowing population growth Denver-area telecom completes $5.75B cash sale to AT&T Louisville tech company nears public offering Energy, data center tax break debates set to kick off in the Colorado legislature this week Agentic AI Security Exposes the Limits of Zero Trust Swimlane Introduces Fleet of AI Agents and Agent-Builder RADICL Secures $31M to Accelerate the Future of Autonomous Cyber Defense for SMBs What is Zero-Knowledge Biometric Authentication? A Simple Guide for Security Teams Go jump in a lake: Measuring the data lake effect on your SIEM | Red Canary Upcoming Events: Check out the full calendar CSA Colorado - Enabling AI: Rules of the Road - 2/17 ISSA COS - February Trivia Night - 2/19 ISACA Denver - February Meeting with the IIA - 2/19 ISC2 Pikes Peak - 2/25 Denver ISSA - AI/ML Special Interest Group - 2/25 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

The Cybersecurity Defenders Podcast
#292 - Defender Fridays: Are we overlooking our most precious resource - ourselves? With Brandon Min from Herd Security

The Cybersecurity Defenders Podcast

Play Episode Listen Later Feb 13, 2026 32:29


This week Brandon Min, Founder and CEO of Herd Security, joins Defender Fridays to discuss how human risk management needs to rebrand with empathy.Brandon is the co-founder and CEO of Herd Security, where they help security teams drive employee engagement in security, making a more resilient organization. Humans have been the #1 target of organizational cyber attacks; however, security teams, organizations, vendors, and leaders have vilified them. At Herd, they believe security should be led with empathy and care. Building trust amongst users that will drive their engagement in security. Building herd immunity from cyber attacks. Learn more at https://herdsecurity.io/Register for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!Sponsored by LimaCharlieThis episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.Why LimaCharlie?Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.Try the Agentic SecOps Workspace free: https://limacharlie.ioLearn more: https://docs.limacharlie.ioFollow LimaCharlieSign up for free: https://limacharlie.ioLinkedIn: / limacharlieio X: https://x.com/limacharlieioCommunity Discourse: https://community.limacharlie.com/Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie