Podcasts about SOC

  • 1,480PODCASTS
  • 4,734EPISODES
  • 43mAVG DURATION
  • 2DAILY NEW EPISODES
  • Aug 29, 2025LATEST

POPULARITY

20172018201920202021202220232024

Categories



Best podcasts about SOC

Show all podcasts related to soc

Latest podcast episodes about SOC

Darrers podcast - Ràdio Puig-Reig
la Vida i Altres Histories del 29/8/2025

Darrers podcast - Ràdio Puig-Reig

Play Episode Listen Later Aug 29, 2025 60:00


Tot-hom te una historia, Una que fa riure, una que fa pensar, o una que encara no s'ha explicat, A la Vida i Altres Histories obrim el micro a les veus que sovint ne s'escolten, persones que han viscut, somiat, caigut i tornat a començar, Converses reals, temes tabús, viatges, projectes, vida quotidiana i moltes coses mes La Vida i Altres Histories, el programa que escolta sense presses. Soc la Queralt Sanchez i em podrás escoltar cada divendres de 8 a 0 del vespre a Ràdio Puig-reig. T'HI APUNTES ? podcast recorded with enacast.com

Cyber Security Headlines
Salt Typhoon expands, AI-powered ransomware, Anthropic warns of vibe-hacking

Cyber Security Headlines

Play Episode Listen Later Aug 28, 2025 7:39


FBI warns of expanded Chinese hacking campaign AI-powered ransomware is a thing now Anthropic warns about “vibe-hacking” Huge thanks to our sponsor, Prophet Security SOC analyst burnout is real - repetitive tasks, poor tooling, and constant alert noise are driving them out. Prophet Security fixes this. Their Agentic AI Analyst handles alert triage and investigation - work that 69% of cybersecurity leaders say is the best use for AI in the SOC. Say goodbye to burnout, and hello to efficiency. Check out prophetsecurity.ai.  

AWS for Software Companies Podcast
Ep137: AI Without Borders - Extending analyst capabilities across the modern SOC

AWS for Software Companies Podcast

Play Episode Listen Later Aug 27, 2025 31:09


Gagan Singh of Elastic discuses how agentic AI systems reduce analyst burnout by automatically triaging security alerts, resulting in measurable ROI for organizationsTopics Include:AI breaks security silos between teams, data, and tools in SOCsAttackers gain system access; SOC teams have only 40 minutes to detect/containAlert overload causes analyst burnout; thousands of low-value alerts overwhelm teams dailyAI inevitable for SOCs to process data, separate false positives from real threatsAgentic systems understand environment, reason through problems, take action without hand-holdingAttack discovery capability reduces hundreds of alerts to 3-4 prioritized threat discoveriesAI provides ROI metrics: processed alerts, filtered noise, hours saved for organizationsRAG (Retrieval Augmented Generation) prevents hallucination by adding enterprise context to LLMsAWS integration uses SageMaker, Bedrock, Anthropic models with Elasticsearch vector database capabilitiesEnd-to-end LLM observability tracks costs, tokens, invocations, errors, and performance bottlenecksJunior analysts detect nation-state attacks; teams shift from reactive to proactive securityFuture requires balancing costs, data richness, sovereignty, model choice, human-machine collaborationParticipants:Gagan Singh – Vice President Product Marketing, ElasticAdditional Links:Elastic – LinkedIn - Website – AWS Marketplace See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Telecom Reseller
SmarTrak.ai: Driving Double-Digit Growth for Cisco Partners and Beyond, Podcast

Telecom Reseller

Play Episode Listen Later Aug 27, 2025 12:07


“We are an absolute recurring revenue engine,” says Ted Lee, co-founder of SmarTrak.ai, in a new podcast interview with Doug Green, Publisher of Technology Reseller News. Speaking from Cisco GSX and VMware Explore, Lee describes how SmarTrak.ai is enabling partners to transform data into growth, helping some global players reverse declines and generate new momentum in just 12 months. Founded with a multi-vendor vision, SmarTrak.ai began by solving a central challenge in the Cisco ecosystem: partners struggling to manage renewals and subscriptions at scale. The platform pulls data from 30–40 sources across Cisco, partners, customers, and distributors—then applies AI to generate actionable, prescriptive insights. Instead of static dashboards, SmarTrak.ai tells partners what to sell, when to sell it, and how to grow adoption. “We're beyond BI,” explains Lee. “Our AI is building presentations, highlighting opportunities, and giving sellers the recommendations that turn renewal data into recurring revenue.” Key highlights from the conversation: Recurring revenue growth: Partners are using SmarTrak.ai to drive hardware, software, subscription, and managed services sales. Executive-level visibility: Daily insights reveal whether a business is growing or in decline—and why—empowering leaders to take corrective action. Speed of innovation: As an AI-first platform with no legacy “technical debt,” SmarTrak.ai deploys new functionality in weeks, with measurable revenue results in days. Secure AI adoption: SOC 2 compliance ensures sensitive customer data stays safe—unlike dropping files into public AI tools. Multi-vendor future: While rooted in Cisco, SmarTrak.ai is rapidly expanding to support VMware and other leading IT vendors. Lee says partners see SmarTrak.ai as their “competitive advantage machine”—so much so that few will provide references, fearing competitors will catch on. For Cisco, for partners, and ultimately for customers, the result is a healthier ecosystem and stronger long-term value. To learn more, visit smartrak.ai.

Basis 108. Der IT-Zukunftspodcast.
Cyberabwehr am Airport – So schützt sich der Flughafen Stuttgart digital.

Basis 108. Der IT-Zukunftspodcast.

Play Episode Listen Later Aug 27, 2025 34:42


Flughäfen sind nicht nur physisch hochgesichert – auch digital laufen im Hintergrund hochkomplexe Schutzsysteme. In dieser Folge von Basis 108 nimmt Tech-Journalistin Svea Eckert uns mit hinter die Kulissen des Flughafens Stuttgart. Ihr Gesprächspartner: Florian Frech, Abteilungsleiter IT-Strategie und Steuerung. Er erklärt, wie ein „digitales Nervensystem“ den Betrieb schützt, wie Cyberangriffe erkannt und abgewehrt werden, welche Rolle das Security Operations Center spielt – und wie sich der Flughafen auf Bedrohungen wie Ransomware oder DDoS vorbereitet. Außerdem geht es um das EU-Regelwerk NIS2, das Schwachstellenmanagement und den klimaneutralen Umbau des Flughafens. Florian Frech ermöglicht Einblicke in den Alltag eines „Chief Digital Bodyguards“ – und erklärt, warum Cybersicherheit Chefsache ist.

This Week in Startups
xAI's App Store lawsuit, Intel shares vs. grocery stores, and Netskope's IPO | E2169

This Week in Startups

Play Episode Listen Later Aug 26, 2025 74:28


Today's show:On an upbeat and optimistic new TWiST, Jason and Alex are debating why any new innovation or technology gets hit with a wave of bitter cynicism.PLUS Jason defends the government taking shares of Intel, explains the importance of interoperability, and predicts how AirBnB's Joe Gebbia will upgrade the US government's website design.All that PLUS thoughts on the Netskope IPO, Perplexity offering publishers actual revenue share, a deep dive on the new AI-based PAC, thoughts on open-source LLMs, and much much much more.Timestamps:(0:00) Cynicism vs. Optimism and why Jason thinks cynics go after any interesting new technology(10:02) Vanta - Get $1000 off your SOC 2 at https://www.vanta.com/twist(11:04) Show Continues…(14:37) Why Jason supports the Intel deal but worries it will become a trend(20:46) Public - Take your investing to the next level with Public. Build a multi-asset portfolio and earn 4.1% APY on your cash—with no fees or minimums. Start now at public.com/twist.(22:00) Show Continues…(27:02) Is it hypocritical to oppose socialist grocery stores but support the Intel deal? Jason says NO.(29:41) Squarespace - Use offer code TWIST to save 10% off your first purchase of a website or domain at https://www.Squarespace.com/TWIST(30:58) What does xAI hope to get out of this OpenAI/Apple lawsuit? Jason and Alex theorize…(39:12) Why Jason thinks interoperability is so important and how App Stores OUGHT to work(41:12) How AirBnB's Joe Gebbia could potentially upgrade the US government's websites(49:27) What does Netskope do exactly? SASE?! Producer Claude explains…(58:32) Alex and Jason celebrate Perplexity rev sharing with publishers(01:10:02) Jason's thoughts on the Leading the Future PAC, and US AI policySubscribe to the TWiST500 newsletter: https://ticker.thisweekinstartups.comCheck out the TWIST500: https://www.twist500.comSubscribe to This Week in Startups on Apple: https://rb.gy/v19fcpFollow Lon:X: https://x.com/lonsFollow Alex:X: https://x.com/alexLinkedIn: ⁠https://www.linkedin.com/in/alexwilhelmFollow Jason:X: https://twitter.com/JasonLinkedIn: https://www.linkedin.com/in/jasoncalacanisThank you to our partners:(10:02) Vanta - Get $1000 off your SOC 2 at https://www.vanta.com/twist(20:46) Public - Take your investing to the next level with Public. Build a multi-asset portfolio and earn 4.1% APY on your cash—with no fees or minimums. Start now at public.com/twist.(29:41) Squarespace - Use offer code TWIST to save 10% off your first purchase of a website or domain at https://www.Squarespace.com/TWISTGreat TWIST interviews: Will Guidara, Eoghan McCabe, Steve Huffman, Brian Chesky, Bob Moesta, Aaron Levie, Sophia Amoruso, Reid Hoffman, Frank Slootman, Billy McFarlandCheck out Jason's suite of newsletters: https://substack.com/@calacanisFollow TWiST:Twitter: https://twitter.com/TWiStartupsYouTube: https://www.youtube.com/thisweekinInstagram: https://www.instagram.com/thisweekinstartupsTikTok: https://www.tiktok.com/@thisweekinstartupsSubstack: https://twistartups.substack.comSubscribe to the Founder University Podcast: https://www.youtube.com/@founderuniversity1916

The Cybersecurity Readiness Podcast Series
Beyond Passwords: Making Identity-Based Attacks Impossible in the Age of AI

The Cybersecurity Readiness Podcast Series

Play Episode Listen Later Aug 26, 2025 35:58


In this episode, Dr. Dave Chatterjee sits down with Jasson Casey, CEO & Co-Founder @ Beyond Identity, to dissect the growing threat of identity-based attacks, which now account for nearly 80% of breaches. Casey explains how adversaries increasingly “log in” instead of breaking in, leveraging techniques such as MFA fatigue, session hijacking, and phishing kits. He shares lessons from his professional journey—ranging from building telco networks to advising the U.S. Government and launching Beyond Identity—and explains how his team's identity defense solution eliminates root causes of credential theft while reducing SOC workloads. The discussion also addresses why traditional human training cannot withstand adversaries armed with deepfakes and agentic AI, underscoring the need for technology to carry the defensive burden. Together, Chatterjee and Casey explore the double-edged role of AI, strategies for phased deployments (“ring deployments”), and the importance of embedding identity defense into board-level governance through the Commitment–Preparedness–Discipline (CPD) framework.To access and download the entire podcast summary with discussion highlights -https://www.dchatte.com/episode-89-beyond-passwords-making-identity-based-attacks-impossible-in-the-age-of-ai-2/Connect with Host Dr. Dave Chatterjee and Subscribe to the PodcastPlease subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes are released every two weeks. Connect with Dr. Chatterjee on these platforms: LinkedIn: https://www.linkedin.com/in/dchatte/ Website: https://dchatte.com/Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712Latest Publications & Press Releases:“Meet Dr. Dave Chatterjee, the mind behind the CommitmentPreparedness-Discipline method for cybersecurity,” Chicago Tribune, February 24, 2025."Dr. Dave Chatterjee On A Proactive Behavioral Approach To Cyber Readiness," Forbes, February 21, 2025.Ignorance is not bliss: A human-centered whole-of-enterprise approach to cybersecurity preparednessDr. Dave Chatterjee Hosts Global Podcast Series on Cyber Readiness,...

Relating to DevSecOps
Episode #080: Patch Me If You Can: Compliance, SLAs, and Other Fairytales

Relating to DevSecOps

Play Episode Listen Later Aug 25, 2025 34:05


Send us a textIn this no-punches-pulled return from hiatus, Ken and Mike dig deep into the messy middle of vulnerability management, SLA fatigue, and the illusion of compliance. Are we building secure systems or just passing audits? From legacy cruft to exploitable CVEs, this episode unpacks the real-world pressures of SOC 2, the auditor dance, and whether fixing every “critical” is even feasible.Perfect for practitioners trying to balance the checkbox culture with actual risk reduction, this one's got stories, strategies, and spicy takes. Bonus: tips on managing auditors without losing your mind—or your security posture.

Radio Campus Tours – 99.5 FM
La Méridienne – Chante, danse, Educ' Pop' !

Radio Campus Tours – 99.5 FM

Play Episode Listen Later Aug 25, 2025


Émission La Méridienne Une oreille attentive remarquera que les élus sélectionnés par Laurent Besse sont plutôt « de gauche » : à dire vrai, ce sont avant tout d’anciens étudiants de la filière « Car’ Soc' » de l’IUT. Quant aux structures proposées par Arnaud Loustalot, on y entend souvent parler d’émancipation, d’éducation populaire. Simple coïncidence ? Peut-être pas. […] L'article La Méridienne – Chante, danse, Educ’ Pop’ ! est apparu en premier sur Radio Campus Tours - 99.5 FM.

Technikquatsch
TQ270: Google Pixel 10 und 10 Pro (XL) vorgestellt – Performance-Sprung dank TSMC, aber noch weit hinter der Spitze, Pixelsnap wie Apple Magsafe zum Laden nach Qi 2.2; USA erwerben 10% Anteil an Intel uvm.

Technikquatsch

Play Episode Listen Later Aug 24, 2025 88:12


Google stellte das Pixel 10 und 10 Pro (XL) vor, und auch wenn das meiste schon durch Leaks bekannt war, sind doch einige nette Sachen dabei: Zuerst ja, der neue SoC, Tensor G5, ist tatsächlich bei TSMC anstatt bei Samsung gefertigt, was Google auch besonders hervorhob. Wie erwartet führt das wohl auch zu einem ganz ordentlichen Performance-Sprung von laut Google etwa 34 Prozent, wobei die Kerne zum Teil weiterhin aus der alten Generation stammen. Damit können sie auch nicht an die Spitze aufschließen, dort sitzt derzeit unangefochten Qualcomm mit den eigenen Oryon-2-Kernen im Snapdragon 8 Elite. Das größte Upgrade für das normale Pixel 10 dürfte die dritte Kamera mit Telelinse sein, was bisher nur dem Pro vorbehalten war. Die gesamte Reihe hingegen bekommt Unterstützung für den kabellosen Ladestandard Qi 2.2 mit ins Gerät integrierten Magneten. Insgesamt vielversprechend auch ohne Spitzenperformance, aber wir (bzw. Mike) werden doch auf das Pixel 11 warten, der Tensor G6 soll deutlich größere Fortschritte bringen. Viel Spaß mit Folge 270! Sprecher:innen: Meep, Michael Kister, Mohammed Ali DadAudioproduktion: Michael KisterVideoproduktion: Mohammed Ali Dad, Michael KisterTitelbild: Mohammed Ali DadBildquellen: GoogleAufnahmedatum: 22.08.2025 Besucht unsim Discord https://discord.gg/SneNarVCBMauf Bluesky https://bsky.app/profile/technikquatsch.deauf TikTok https://www.tiktok.com/@technikquatschauf Youtube https://www.youtube.com/@technikquatschauf Instagram https://www.instagram.com/technikquatschauf Twitch https://www.twitch.tv/technikquatsch RSS-Feed https://technikquatsch.de/feed/podcast/Spotify https://open.spotify.com/show/62ZVb7ZvmdtXqqNmnZLF5uApple Podcasts https://podcasts.apple.com/de/podcast/technikquatsch/id1510030975 00:00:00 Herzlich willkommen zu Technikquatsch Folge 270! 00:03:11 Google Pixel 6a zum Akkutausch gegebenhttps://www.comspot.de/service/reparatur.html 00:09:11 Tablet-Basteleien und neue (gebrauchte) In-Ear-Kopfhörer Technics EAH-AZ80 00:21:50 Google Pixel 10, Pixel 10 Pro (XL) vorgestellt; Pixel 10 jetzt auch mit Telelinsehttps://www.computerbase.de/news/smartphones/google-smartphones-pixel-10-pro-erhaelt-pixelsnap-tensor-g5-und-kamera-updates.93799/ 00:28:35 Pixelsnap: Magnete für kabelloses Laden mit Qi 2.2 integriert 00:32:31 Einschub: Google Smartphones mit geringem Marktanteil, etwa 2,92% in Deutschland, weltweit 1,91%https://gs.statcounter.com/vendor-market-share/mobile/germany 00:38:27 zuück: Tensor G5 jetzt bei TSMC statt Samsung, CPU-Leistung steigt um 34% laut Google, weiterhin ältere Kernehttps://www.computerbase.de/news/prozessoren/tensor-g5-google-setzt-auf-non-rt-gpu-von-imagination-technologies.93956/ 00:43:09 Preise gleich geblieben zum Vorgänger: Pixel 10 startet ab 899€, Pixel 10 Pro ab 1099€ (mit jeweils 128GB); Pixel 10 Pro XL ab 1299€ mit 256GB 00:47:29 Pixel Buds 2a und Pixel Watch 4https://www.computerbase.de/news/wearables/smartwatch-und-kopfhoerer-google-pixel-watch-4-und-pixel-buds-2a-erlauben-akkutausch.93918/ 00:50:24 unser Fazit: auf Tests warten, sicher eine gute Wahl, aber ohne Druck besser auf Rabatte warten. 00:53:34 Nachklapp: Funktion "Akku teilen" wurde entfernthttps://www.heise.de/news/Pixel-10-Google-streicht-Akku-teilen-Funktion-zugunsten-von-Qi2-Magneten-10580443.html 00:55:05 Studie: Gamer sind demokratischer eingestellt als der deutsche Durchschnitt und politisch aktivhttps://www1.wdr.de/nachrichten/studie-bertelsmann-stiftung-gaming-100.html 01:04:30 Gamescom ONL: etwas öde, aber zumindest Warhammer 40K: Dawn of War 4 von KingArt aus Bremenhttps://www.computerbase.de/news/gaming/warhammer-40k-dawn-of-war-4-klassisches-rts-ist-das-was-fans-sich-gewuenscht-haben.93966/ 01:09:38 Die USA erwerben 10% Anteil an Intel.https://www.reuters.com/business/trump-says-intel-has-agreed-deal-us-take-10-equity-stake-2025-08-22/ 01:14:32 neue Xbox-UI auf ROG Xbox Ally und Gerüchte zu Valve "Fremont"https://w...

Hacker Valley Studio
Mentorship to Mastery: AI and Community Lessons with Ron Eddings

Hacker Valley Studio

Play Episode Listen Later Aug 21, 2025 32:22


AI might analyze your logs in seconds, but only the community can put you in the room that changes your career. In this solo episode, Ron Eddings discusses the powerful balance between human connection and artificial intelligence in shaping the future of cybersecurity and beyond. From the sacrifices that sparked his career to the mentors who opened doors, Ron shares personal stories that show why community will always be your ultimate competitive edge, even as AI advances into the SOC. He also runs live AI experiments on ransomware response and log analysis, revealing what AI can (and can't) do for practitioners right now.   Impactful Moments: 00:00 - Introduction 02:00 - Why community is your first advantage 03:30 - The sacrifice that launched Ron's career 04:40 - Meeting mentor Marcus Carey 06:00 - Early opportunities in cybersecurity 07:00 - The power of hacker spaces 09:00 - How mentors open hidden doors 10:00 - RSA and Black Hat as career accelerators 13:00 - The most underrated LinkedIn feature 15:00 - The HVS mastermind community 16:00 - Reality check on GPT-5 18:00 - AI builds an IR playbook 20:00 - Critical do's and don'ts in incident response 23:00 - Why hallucinations matter in cybersecurity AI 25:00 - AI makes sense of raw logs 28:00 - Can AI replace tier one analysts? 30:00 - Where AI still falls short 31:00 - Final challenge: Strengthen your community     Links: Connect with our Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/ Register for our livestream with Gerry Auger: https://www.linkedin.com/events/7359290642633539586/ Check out the links to the OpenAI ChatGPT threads here: Incident Analysis Summary: https://chatgpt.com/share/689fa61f-3498-8006-9989-ff8221f97b01 Ransomware Incident Playbook: https://chatgpt.com/share/689fa63f-86ec-8006-8355-642d4d38808e Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/  

Detection at Scale
Tines' Matt Muller on AI-Assisted Security Operations and Modernizing the SOC

Detection at Scale

Play Episode Listen Later Aug 21, 2025 29:25


Matt Muller, Field CISO at Tines, knows all about revolutionizing security operations through strategic AI integration and intelligent automation. In his conversation with Jack, Matt explores how traditional SOC models create problematic feedback loops where junior analysts make critical decisions while senior practitioners handle escalations, limiting learning and growth opportunities.  Instead, Matt envisions AI-assisted workflows where senior expertise gets encoded into intelligent systems that teach junior team members while they work, transforming security operations from reactive alert-chasing to proactive strategic defense. He also emphasizes communication skills, relationship building, and moving beyond being perceived as the team of no to become strategic enablers. Topics discussed: Evolution from banning ChatGPT to strategic AI integration in security operations, emphasizing augmentation over replacement strategies. Model Context Protocol implementation challenges and the importance of safe-by-default approaches when integrating emerging AI technologies into production. Traditional SOC tier models create problematic feedback loops where junior analysts make critical decisions but lack learning opportunities. AI-assisted workflows can transform security operations by encoding senior expertise into systems that teach while automating routine tasks. Practical approaches to AI adoption including demystification techniques, validation methods, and breaking complex problems into manageable components. Strategic implementation of AI agents in security workflows, particularly for non-deterministic tasks like phishing investigation and alert triage. Importance of maintaining human oversight and guardrails when deploying AI systems in critical security operations and incident response. Communication skills and relationship building as fundamental competencies for security practitioners working with both AI systems and human stakeholders. Safe experimentation with AI technologies through controlled environments and understanding system limitations before production deployment. Listen to more episodes:  Apple  Spotify  YouTube Website

CrimeScience
CrimeScience – The Weekly Review – Episode 215 Ft. Chris Henningsen

CrimeScience

Play Episode Listen Later Aug 21, 2025 41:10


In this episode of the LPRC CrimeScience Podcast, Cory Lowe speaks with Chris Henningsen, Manager of the Real-time Crime Center in Scottsdale, Arizona. They discuss how to set up a SOC, technology upgrades in the field, and the continued collaboration with the Real Time Crime Center Association. Listen in to learn a little bit more about Real Time Crime Center strategies!

The CyberWire
Inside Intel's internal web maze.

The CyberWire

Play Episode Listen Later Aug 19, 2025 26:18


A researcher uncovers vulnerabilities across Intel's internal websites that exposed sensitive employee and supplier data. The Kimsuky group (APT43) targets South Korean diplomatic missions. A new DDoS vulnerability bypasses the 2023 “Rapid Reset” fix. Drug development firm Inotiv reports a ransomware attack to the SEC. The UK drops their demand that Apple provide access to encrypted iCloud accounts. Hackers disguise the PipeMagic backdoor as a fake ChatGPT desktop app. The source code for a powerful Android banking trojan was leaked online. A Nebraska man is sentenced to prison for defrauding cloud providers to mine nearly $1 million in cryptocurrency. On this week's Threat Vector, David Moulton speaks with Liz Pinder and Patrick Bayle for a no holds barred look at context switching in the SOC. A UK police force fails to call for backup. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Security analysts are drowning in tools, alerts, and tabs. On today's Threat Vector segment from Palo Alto Networks, we offer a snapshot from host⁠ David Moulton⁠'s conversation with⁠ Liz Pinder⁠ and⁠ Patrick Bayle⁠⁠. Together they take a no holds barred look at context switching in the SOC, what it costs, why it's getting worse, and how smarter design can fix it. You can listen to David, Patrick, and Liz's conversation⁠ here⁠. It's a must-listen for anyone building or managing a modern SOC. New episodes of⁠ Threat Vector⁠ drop each Thursday on the N2K CyberWire network and in your favorite podcast app. Selected Reading Intel data breach: employee data could be accessed via API (Techzine Global) North Korean Kimsuky Hackers Use GitHub to Target Foreign Embassies with XenoRAT Malware (GB Hackers) Internet-wide Vulnerability Enables Giant DDoS Attacks (Dark Reading) Drug development company Inotiv reports ransomware attack to SEC (The Record) UK ‘agrees to drop' demand over Apple iCloud encryption, US intelligence head claims (The Record) Ransomware gang masking PipeMagic backdoor as ChatGPT desktop app: Microsoft (The Record) ERMAC Android malware source code leak exposes banking trojan infrastructure (Bleeping Computer) Nebraska man gets 1 year in prison for $3.5M cryptojacking scheme (Bleeping Computer) South Yorkshire Police Deletes 96,000 Pieces of Digital Evidence  (Infosecurity Magazine) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

BLUEPRINT
Leading by Example: Confidence and Responsibilty in Cybersecurity with Zak Stufflebeam

BLUEPRINT

Play Episode Listen Later Aug 19, 2025 66:23


Click here to send us your ideas and feedback on Blueprint!In this episode, we sit down with Zak Stufflebeam, Director of Cybersecurity at a publicly traded insurance company. Zak shares his unique journey from the military to leading security operations, emphasizing essential leadership principles learned along the way. From his early days in basic training to leading complex cybersecurity teams, Zak's story is one of perseverance, adaptability, and unwavering commitment. He delves into vital leadership lessons, the importance of confidence, and strategies to maintain focus and calm under pressure. This episode is packed with insights for aspiring SOC analysts and leaders looking to make an impact in their field.Check out John's SOC Training Courses for SOC Analysts and Leaders: SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations LDR551: Building and Leader Security Operations Centers Follow and Connect with John: LinkedIn

Business of Tech
Navigating Client Uncertainty: AI, Cybersecurity, and Women in Leadership in MSPs with Jennifer Roy

Business of Tech

Play Episode Listen Later Aug 19, 2025 12:05


Jennifer Roy, CEO of Nucleus Networks, discusses her transition from COO to CEO and the broader responsibilities that come with the role. She emphasizes the shift from a narrow focus on operations to a more comprehensive involvement in various business areas, including sales, marketing, finance, and HR. Despite the turbulent market conditions, particularly in the Canadian landscape, Nucleus Networks continues to thrive, with a full sales funnel and ongoing projects. Clients are increasingly inquiring about AI and cybersecurity, reflecting a cautious yet proactive approach to technology adoption.Roy highlights the importance of understanding clients' businesses to effectively implement AI solutions tailored to their specific needs. Her team, particularly the business transformation office, plays a crucial role in assessing readiness and executing projects. On the cybersecurity front, clients are primarily concerned about preventing breaches and ensuring they meet industry standards, such as SOC 2 Type 2 compliance. This process has revealed the significance of robust internal policies beyond just security measures, including HR practices and employee development.The conversation also touches on the state of women in leadership within the tech industry. Despite stagnant statistics over the past five years, Roy believes that cultural shifts are paving the way for more women to assume leadership roles. She actively participates in initiatives aimed at promoting diversity and inclusion, such as mentoring young professionals and advocating for inclusive hiring practices. Her own organization reflects this commitment, with a significant representation of women in the C-suite.As the discussion wraps up, Roy shares her key takeaways from the ChannelCon event, emphasizing the value of networking and personal interactions outside formal sessions. Looking ahead, she expresses a keen focus on employee and client retention, recognizing the competitive nature of the market. By enhancing the employee experience, she believes that client loyalty will naturally follow, ensuring the continued success of Nucleus Networks. All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

Identity At The Center
#367 - RSM & IDAC Present - The Intersection of Attack Surface Management and Identity

Identity At The Center

Play Episode Listen Later Aug 18, 2025 51:47


Join hosts Jeff Steadman and Jim McDonald as they explore the critical intersection of attack surface management (ASM) and digital identity with Dan Lauritzen, Director with RSM Defense - RSM's Managed Security Team. This episode dives deep into how identity has become a key component of your organization's attack surface and why breaking down silos between identity teams and Security Operations Centers is more crucial than ever.Dan brings a unique perspective from his military background as a human intelligence collector to his current role in detection and response. Learn about the cyber kill chain, understand when you might have too much data, and discover practical strategies for treating identities as assets that need continuous protection.Whether you're an identity practitioner looking to expand your security knowledge or a cybersecurity professional wanting to better understand identity's role in attack surface management, this conversation offers valuable insights and actionable takeaways.Key topics include XDR platforms, ITDR tools, the evolution from legacy SIEM to modern detection systems, and why the future of security requires collaboration between traditionally separate teams.Chapter Timestamps00:00 - Introduction and Industry Trends01:00 - AI and Technology Disruption Discussion02:00 - Upcoming Conference Schedule and Discount Codes04:00 - Podcast Milestone - Approaching One Million Downloads06:30 - Introducing Dan Lauritzen and RSM Defense Team09:00 - Dan's Background - From Military to Cybersecurity12:00 - What is Attack Surface Management?14:00 - Treating Identities as Assets16:00 - The Cyber Kill Chain Explained18:00 - Why Identity and SOC Teams Operate in Silos21:00 - The Role of Data in Modern Security Operations23:00 - Continuous Identity Management and Shared Signals Framework26:00 - Can You Have Too Much Data?29:00 - Breaking Down Silos Between Identity and SOC Teams32:00 - Practical Collaboration Strategies34:00 - SIEM vs XDR vs ITDR - Understanding the Tool Landscape41:00 - Pragmatic Security Strategies and Metrics44:00 - Biggest Misconceptions About Attack Surface Management45:00 - Military Background - Human Intelligence Collection48:00 - Communication Tips for Better Information Gathering51:00 - Closing and Contact InformationConnect with Dan: https://www.linkedin.com/in/daniel-lauritzen-67545045/Cyber Kill Chain: https://en.wikipedia.org/wiki/Cyber_kill_chainLearn more about RSM:RSM Defense Managed Security: https://rsmus.com/services/risk-fraud-cybersecurity/managed-security-services.htmlRSM Digital Identity: https://rsmus.com/services/risk-fraud-cybersecurity/cybersecurity-business-vulnerability/identity-and-access.htmlConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywordsIDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Dan Lauritzen, RSM, attack surface management, cybersecurity, digital identity, SOC, Security Operations Center, XDR, ITDR, SIEM, cyber kill chain, detection and response, identity security, human intelligence, military cybersecurity, continuous identity management, shared signals framework, UEBA, threat detection, zero trust, privileged access management, identity governance, security metrics, vendor management, cloud security, endpoint security, data correlation, security silos, collaboration strategies, identity assets, orphaned accounts, entitlement creep, attack surface reduction, security automation, AI in security, machine learning security, identity sprawl, security tools, cybersecurity consulting, managed security services, security monitoring, incident response, threat hunting, vulnerability management, risk assessment, compliance, security architecture, defense strategy

Cyber Talks
Agentic AI in the SOC: Risk, Reliability, and the Future of Security Operations

Cyber Talks

Play Episode Listen Later Aug 18, 2025 36:32


Agentic AI is moving from hype to reality, reshaping how enterprises operate, and how cyber defenders must adapt. In this CyberTalks episode, Mark Gillett (Chief Product Officer, eSentire) is joined by Ben Wilde (Head of Innovation, Georgian) to break down the risks, reliability challenges, and opportunities presented by autonomous AI agents.In this episode, we explore:How AI agents expand the enterprise attack surfaceWhy “agent security” may soon be its own disciplineGuardrails security leaders need before adoptionThe balance between automation and human oversight in the SOCA practical crawl–walk–run model for implementing agentic AIIf you're a CISO, SOC architect, or IT leader, this episode will help you cut through the hype and prepare your team for the next frontier of AI-driven cybersecurity.--Have a question for us? Reach out: hello@esentire.com---About Cyber TalksFrom ransomware attacks to supply chain compromises, eSentire's Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they're addressing these challenges.About eSentireeSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization's cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world's most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks. For more information, visit ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠www.esentire.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ and follow ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@eSentire⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

Cyber Security Headlines
Week in Review: ShinyHunters-Scattered Spider merge, DARPA AI prize, Water infrastructure volunteers

Cyber Security Headlines

Play Episode Listen Later Aug 15, 2025 30:29


Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Steve Zalewski, co-host, Defense in Depth Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines All links and the video of this episode can be found on CISO Series.com    

Cyber Security Headlines
NFC fraud reappears, Canada government breach, Zoom's critical flaw

Cyber Security Headlines

Play Episode Listen Later Aug 15, 2025 8:08


New wave of NFC relay fraud, call hijacking, and root exploits in banking sector Canada's House of Commons suffers cyberattack Zoom fixes critical Windows client flaw that could enable privilege escalation Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com.

ITSPmagazine | Technology. Cybersecurity. Society
How to Automate Cybersecurity Operations Without Coding, Crying, or Calling IT at 2 A.M. | A Brand Story with Mike Wayne, Vice President, Global Sales at BlinkOps | A Black Hat USA 2025 Conference On Location Brand Story

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Aug 14, 2025 19:46


Mike Wayne, responsible for global sales at BlinkOps, joins ITSPmagazine host Sean Martin to discuss how organizations can harness agentic AI to transform security operations—and much more.The conversation begins with a clear reality: business processes are complex, and when security is added into the mix, orchestrating workflows efficiently becomes even more challenging. BlinkOps addresses this by providing a platform that not only automates security tasks but also extends across HR, finance, sales, and marketing. By enabling automation in areas like employee onboarding/offboarding or access management, the platform helps organizations improve efficiency, reduce risk, and free human talent for higher-value work.Mike explains that while traditional SOAR tools require heavy scripting and ongoing maintenance, BlinkOps takes a different approach. Its security co-pilot allows users to describe automations in plain language, which are then generated—90% complete—by the system. Whether the user is a SOC analyst or an HR manager, the platform supports low-code and no-code capabilities, making automation accessible to “citizen developers” across the organization.The concept of micro agents is central. Instead of relying on large, complex AI models that can hallucinate or act unpredictably, BlinkOps uses focused, purpose-built agents with smaller context windows. These agents handle specific tasks—such as enriching security alerts—within larger workflows, ensuring accuracy and control.The benefits are tangible. One customer's triage agent processed 400 alerts in just eight days without direct human intervention, while another saved $1.8 million in manual endpoint deployment costs over a single month. Outcomes like reduced mean time to respond (MTTR) and faster time to automation are key drivers for adoption, especially when facing zero-day vulnerabilities where speed is critical.BlinkOps runs as SaaS, hybrid, or in secure environments like GovCloud, making it adaptable for organizations of all sizes and compliance requirements.The takeaway is clear: AI-driven automation doesn't just improve security operations—it creates new efficiencies across the enterprise. As Mike puts it, when a process can be automated, “just blink it.”Learn more about BlinkOps: https://itspm.ag/blinkops-942780Note: This story contains promotional content. Learn more.Guest: Mike Wayne, Vice President, Global Sales at BlinkOps | On Linkedin: https://www.linkedin.com/in/mikejwayne/ResourcesLearn more and catch more stories from BlinkOps: https://www.itspmagazine.com/directory/blinkopsLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: sean martin, mike wayne, blink ops, ai automation, agentic ai, micro agents, security automation, soc automation, workflow automation, zero day response, alert triage, enrichment agent, low code automation, cyber security ai, enterprise automation, black hat usa, black hat 2025

Cyber Security Headlines
Court filing system hack explained, PA AG weighs in on attack, Fortinet attacks raise concerns

Cyber Security Headlines

Play Episode Listen Later Aug 14, 2025 7:22


Hack of federal court filing system exploited security flaws known since 2020 Pennsylvania attorney general says cyberattack knocked phone, email systems offline Spike in Fortinet VPN brute-force attacks raises zero-day concerns Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines  

Cyber Security Headlines
Fortinet SSL VPNs getting hammered, The Netherlands critical infrastructure compromise, Africa the most targeted for cyber attacks

Cyber Security Headlines

Play Episode Listen Later Aug 13, 2025 7:26


The hits just keep on coming Where's the Little Dutch Boy when you need him? I felt the ransomware down in Africa Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com

This Week in Startups
GPT Psychosis is spreading, the NYT is Super-Doxxing Zuck, and Trump is wetting his beak on Chinese chip exports | E2163

This Week in Startups

Play Episode Listen Later Aug 12, 2025 76:27


Today's show:On an all-new Monday TWiST, Lon joins Jason and Alex to talk about a whole bunch of stories at the intersection of tech, business, and pop culture.First up, is GPT Psychosis real? And if so, what are the warning signs that your loved ones have been ONESHOTTED.Then, why did Jason get so upset at the NY Times piece about Mark Zuckerberg's Palo Alto compound?PLUS we're discussing Trump's export fees on AMD and Nvidia, Jason's pitch for why the president should work more closely with Congress, a new tool in the search for rare-earth minerals, just how many self-driving trucks are on Chinese roads today, and much much more!Timestamps:(0:00) INTRO, Why Jason hated the NYT story about Mark Zuckerberg's compound.(09:54) Vouched - Trust for agents that's built for builders like you. Check it out at http://vouched.id/twist(11:14) Show continues…(19:54) Coda - Empower your startup with Coda's Team plan for free—get 6 months at https://www.Coda.io/twist(21:01) Show continues…(27:25) GPT Psychosis: Is it real and how widespread is it?(29:13) Vanta - Get $1000 off your SOC 2 at https://www.vanta.com/twist(30:16) Show continues…(45:45) What it means to get “One-Shotted”: is Sam Altman doing this on purpose?(53:56) Jason says working multiple jobs at once is STEALING… is that fair?(01:04:53) Are Trump's Chinese export fees for AMD and Nvidia a justified licensing process? Or a shakedown?(01:09:22) Jason's pitch for working closer with Congress, and why Alex has concerns about clarity(01:12:02) PolyMarket: Will tariffs generate >$250b in 2025?Subscribe to the TWiST500 newsletter: https://ticker.thisweekinstartups.comCheck out the TWIST500: https://www.twist500.comSubscribe to This Week in Startups on Apple: https://rb.gy/v19fcpFollow Lon:X: https://x.com/lonsFollow Alex:X: https://x.com/alexLinkedIn: ⁠https://www.linkedin.com/in/alexwilhelmFollow Jason:X: https://twitter.com/JasonLinkedIn: https://www.linkedin.com/in/jasoncalacanisThank you to our partners:(09:54) Vouched - Trust for agents that's built for builders like you. Check it out at http://vouched.id/twist(19:54) Coda - Empower your startup with Coda's Team plan for free—get 6 months at https://www.Coda.io/twist(29:13) Vanta - Get $1000 off your SOC 2 at https://www.vanta.com/twistGreat TWIST interviews: Will Guidara, Eoghan McCabe, Steve Huffman, Brian Chesky, Bob Moesta, Aaron Levie, Sophia Amoruso, Reid Hoffman, Frank Slootman, Billy McFarlandCheck out Jason's suite of newsletters: https://substack.com/@calacanisFollow TWiST:Twitter: https://twitter.com/TWiStartupsYouTube: https://www.youtube.com/thisweekinInstagram: https://www.instagram.com/thisweekinstartupsTikTok: https://www.tiktok.com/@thisweekinstartupsSubstack: https://twistartups.substack.comSubscribe to the Founder University Podcast: https://www.youtube.com/@founderuniversity1916

Who Knew In The Moment?
Socrates Rosenfeld, CEO + Co-Founder, Jane Technologies Inc.

Who Knew In The Moment?

Play Episode Listen Later Aug 12, 2025 48:07


Socrates Rosenfeld is the CEO and Co-Founder of Jane Technologies, a leading technology company for the cannabis industry. A visionary entrepreneur, combat veteran, and MIT graduate, Soc and his team have revolutionized cannabis commerce by creating a trusted platform that serves thousands of dispensaries and brands across 39 U.S. states. Jane powers the majority of all legal cannabis transactions in the U.S.After leaving active duty in 2011 as a U.S. Army veteran and Apache helicopter commander, Soc turned to cannabis to help him re-acclimate to civilian life. Living in Massachusetts, where cannabis was illegal at the time, he faced challenges navigating the black market. Frustrated and motivated to improve access for veterans, Soc co-founded Jane with his brother Abraham to create a transparent platform for cannabis consumers. Prior to launching Jane, Soc earned an MBA from MIT Sloan and worked at McKinsey & Company, gaining strategic business expertise.Since launching in 2017, Jane has become the cannabis industry's leading digital provider, offering solutions like ecommerce, AI, market analytics, payments, advertising, POS, and a consumer-facing app. Its Universal Product Catalog ensures consistent inventory across thousands of retailers, while the AI-powered MyHigh engine personalizes the shopping experience. Jane Gold, a brand-sponsored rewards program, deepens consumer engagement and highlights personalized product recommendations. With 13 software patents, Jane continues to set the standard for innovation in cannabis retail.Soc and his team at Jane have been recognized with multiple distinctions including Forbes' America's Best Startup Employers (2022, 2023, 2024 & 2025), Forbes' The Cannabis 42.0 (2024), Inc. 5000's Fastest-Growing Companies (2023), Inc. Power Player (2023), Inc.'s Best Workplaces (2023), and Deloitte's Technology Fast 500 (2022), in addition to participating on panels at SXSW and MJBizCon. To View This Episode- https://youtu.be/q73Owow14f8#whoknewinthemoment #podcast #philfriedrich #Janetechnologies

ITSPmagazine | Technology. Cybersecurity. Society
Stellar Cyber Revolutionizes SOC Cybersecurity Operations with Human-Augmented Autonomous Platform at Black Hat 2025 | A Stellar Cyber Event Coverage of Black Hat USA 2025 Las Vegas | Brand Story with Subo Guha

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Aug 12, 2025 17:40


Stellar Cyber Revolutionizes SOC Cybersecurity Operations with Human-Augmented Autonomous Platform at Black Hat 2025 A Stellar Cyber Event Coverage of Black Hat USA 2025 Las VegasAn ITSPmagazine Brand Story with Subo Guha, Senior Vice President Product, Stellar Cyber____________________________Security operations centers face an unprecedented challenge: thousands of daily alerts overwhelming analyst teams while sophisticated threats demand immediate response. At Black Hat USA 2025 in Las Vegas, Stellar Cyber presented a revolutionary approach that fundamentally reimagines how SOCs operate in the age of AI-driven threats.Speaking with ITSPmagazine's Sean Martin, Subo Guha, Senior Vice President of Products at Stellar Cyber, outlined the company's vision for transforming security operations through their human-augmented autonomous SOC platform. Unlike traditional approaches that simply pile on more automation, Stellar Cyber recognizes that effective security requires intelligent collaboration between AI and human expertise.The platform's three-layer architecture ingests data from any source – network devices, applications, identities, and endpoints – while maintaining vendor neutrality through open EDR integration. Organizations can seamlessly work with CrowdStrike, SentinelOne, Sophos, or other preferred solutions without vendor lock-in. This flexibility proves crucial for enterprises navigating complex security ecosystems where different departments may have invested in various endpoint protection solutions.What sets Stellar Cyber apart is their autonomous SOC concept, which dramatically reduces alert volume from hundreds of thousands to manageable numbers within days rather than weeks. The platform's AI-driven auto-triage capability identifies true positives among thousands of false alarms, presenting analysts with prioritized "verdicts" that demand attention. This transformation addresses one of security operations' most persistent challenges: alert fatigue that leads to missed threats and burned-out analysts.The revolutionary AI Investigator copilot enables natural language interaction, allowing analysts to query the system conversationally. An analyst can simply ask, "Show me all impossible travel incidents between midnight and 4 AM," and receive actionable intelligence immediately. This democratization of security operations means junior analysts can perform at senior levels without extensive coding knowledge or years of experience navigating complex query languages.Identity threat detection and response (ITDR) emerged as another critical focus area during the Black Hat presentation. With identity becoming the new perimeter, Stellar Cyber integrated sophisticated user and entity behavior analytics (UEBA) directly into the platform. The system detects impossible travel scenarios, credential attacks, and lateral movement patterns that indicate compromise. For instance, when a user logs in from Portland at 11 PM and then appears in Moscow 30 minutes later, the platform immediately flags this physical impossibility.The identity protection extends beyond human users to encompass non-human identities, addressing the growing threat of automated attacks powered by large language models. Hackers now leverage generative AI to create credential attacks at unprecedented scale and sophistication, making robust identity security more critical than ever.Guha emphasized that AI augmentation doesn't displace security professionals but elevates them. By automating mundane tasks, analysts focus on strategic decision-making and complex threat hunting. MSSPs report dramatic efficiency gains, scaling operations without proportionally increasing headcount. Where previously a hundred thousand alerts might take weeks to process, requiring extensive junior analyst teams, the platform now delivers actionable insights within days with smaller, more focused teams.The platform's unified approach eliminates tool sprawl, providing CISOs with real-time visualization of their security posture. Executive reporting becomes instantaneous, with high-priority verdicts clearly displayed for rapid decision-making. This visualization capability transforms how security teams communicate with leadership, replacing lengthy reports with dynamic dashboards that convey risk and response status at a glance.Real-world deployments demonstrate significant operational improvements. Organizations report faster mean time to detection and response, reduced false positive rates, and improved analyst satisfaction. The platform's learning capabilities mean it becomes more intelligent over time, adapting to each organization's unique threat landscape and operational patterns.As organizations face increasingly sophisticated threats powered by generative AI, Stellar Cyber's human-augmented approach represents a paradigm shift. By combining AI intelligence with human intuition, the platform delivers faster threat detection, reduced false positives, and empowered security teams ready for tomorrow's challenges. The company's commitment to continuous innovation, evidenced by rapid feature releases between RSA and Black Hat, positions them at the forefront of next-generation security operations. Learn more about Stellar Cyber: https://itspm.ag/stellar-cyber--inc--357947Note: This story contains promotional content. Learn more.Guest: Subo Guha, Senior Vice President Product, Stellar Cyber | https://www.linkedin.com/in/suboguha/ResourcesLearn more and catch more stories from Stellar Cyber: https://www.itspmagazine.com/directory/stellarcyberLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

The Data Center Frontier Show
Podcast: Traka VP Craig Newell Discusses the Critical Role of Key and Asset Management in Data Center Operations

The Data Center Frontier Show

Play Episode Listen Later Aug 12, 2025 19:39


Smarter Security Starts with Key & Equipment Management In data centers, physical access control is just as critical as cybersecurity. Intelligent key and equipment management solutions help safeguard infrastructure, reduce risk, and improve efficiency — all while supporting compliance. Key Benefits: Enhanced Security – Restrict access to authorized personnel only Audit Trails – Track every access event for full accountability Operational Efficiency – Eliminate manual tracking and delays Risk Reduction – Prevent loss, misuse, or unauthorized access System Integration – Connect with access, video, and visitor tools Regulatory Support – Comply with ISO 27001, SOC 2, HIPAA & more A smart solution for a high-stakes environment — because in the data center world, every detail matters.

Cyber Security Headlines
North Korean crypto theft, Microsoft rolls out back up, four charged in global scheme

Cyber Security Headlines

Play Episode Listen Later Aug 12, 2025 9:07


North Korean crypto theft Microsoft rolls out PC back up during attack U.S. charges four in $100M global fraud scheme Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines  

Secure Networks: Endace Packet Forensics Files
Episode 62: Jessica (Bair) Oppenheimer, Cisco's Director of Security Operations

Secure Networks: Endace Packet Forensics Files

Play Episode Listen Later Aug 12, 2025 27:37


What does it take to run a world-class Security Operations Center (SOC) in today's high-stakes, high-speed cybersecurity landscape?In this episode of the @Endace, Packet Forensic Files, Michael Morris chats with Jessica (Bair) Oppenheimer, Cisco's Director of Security Operations, for an in-depth look at next-generation Security Operations Centers (SOCs). Jessica shares her expertise from securing high-stakes events like the Paris 2024 Olympics, NFL Super Bowl, Black Hat, and RSAC Conference. Discover how her team leverages AI, full packet capture with EndaceProbes, and integrations with Cisco XDR and Splunk to combat AI-driven threats and ensure rapid detection and response. This episode is a must-listen for cybersecurity professionals who want to stay ahead of evolving threats. It is packed with insights on balancing automation with human expertise and key KPIs for SOC success.ABOUT ENDACE *****************Endace (https://www.endace.com) is a world leader in high-performance packet capture solutions for cybersecurity, network and application performance. EndaceProbes are deployed on some of the world's largest, fastest and most critical networks. EndaceProbe models are available for on-premise, private cloud and public cloud deployments - delivering complete hybrid cloud visibility from a single pane-of-glass.Endace's open EndaceProbe Analytics appliances (https://www.endace.com/endaceprobe) can be deployed in on-premise locations and can also host third-party security and performance monitoring solutions while simultaneously recording a 100% accurate history of network activity.

Unleashed - How to Thrive as an Independent Professional
615. Sid Masson, Co-Founder of Wokelo.ai, a Powerful Tool for Commercial Due Diligence

Unleashed - How to Thrive as an Independent Professional

Play Episode Listen Later Aug 11, 2025 36:52


Show Notes: Sid Masson, co-founder and CEO of Wokelo.ai explains that Wokelo is an agentic platform for investment research and commercial due diligence, automating market research and desk research activities performed by consulting firms, investment banks,  private equity analysts and so on. It offers  private market research and allows the user to pass through hundreds and 1000s of data sets in a matter of minutes, but beyond just research, it automates end-to-end deliverables, all the way to a well formatted PowerPoint deck in a format of your choice. How Wokelo.ai Works Sid mentions that Wokelo has been in production for two and a half years and commercially launched in November 2023. The platform has 40+ paying customers, including big four consulting firms like KPMG, investment banks, and venture capital firms. Pricing starts at $30,000 annually for five seats and proportionate usage. Sid explains that  larger enterprises use bespoke models which cost more and cases where certain boutique consulting firms who may not have may not need five or 10 seats and are offered customized pricing. Wokelo also ensures various security levels, including SOC 2 compliant cloud, private cloud instances, and on-prem deployments. A Demonstration of Wokelo Sid explains Wokelo's web application, which offers several workflows for different tasks. The platform includes standardized workflows like company research, industry research, and market maps, as well as custom workflows designed by users. He demonstrates the process of creating a live report for a company, including adding company attributes, uploading files, and generating insights. The platform generates a detailed, editable notebook with insights, sources, and charts, which can be exported in various formats. Sid lists the data sources Wokelo uses, including third-party data partnerships, public data scraping, and user-uploaded data. The platform has partnerships with CrunchBase, PitchBook, SNP Cap IQ, and IEP Query for patent data. Wokelo's proprietary private company database includes detailed information beyond firmographics, such as product catalogs and management profiles. Wokelo's Custom Workflow Feature Sid explains the custom workflow feature, which allows users to design their own bespoke workflows to mimic their existing methodologies. Custom workflows can include custom analysis, synergy potential mapping, and IC memos, tailored to specific user needs. The platform's user interface is designed to be easy to use, with guardrails and standardized constraints to ensure high-quality outputs. Wokelo's editable notebooks and charts are designed to be user-friendly and customizable, allowing for detailed and professional reports. The Wokelo Team Sid shares the background of the Wokelo team, including his and his co-founder's experience in management consulting and AI. The team has grown from 10 to 25 members in the last 12 months, with a focus on building a solid product and team. Wokelo has raised two rounds of funding: a pre-seed round in 2023 and a seed round in September 2022, totaling $5.5 million. The funding has helped the team build a solid product and team, focusing on quality and value rather than excessive funding. Sid discusses the challenges of selling to large firms and the initial skepticism they face. Wokelo plans to continue iterating and improving the platform, focusing on user experience and domain expertise. The team aims to expand their customer base and offer more customized solutions to meet the evolving needs of their clients. Timestamps: 00:02: Overview of Wokelo and its purpose  02:47: Customer base and pricing  05:51: Demonstration of Wokelo's features  08:50: Data sources and security  19:24: Custom workflows and user interface 27:04: Team background and funding  35:46: Challenges and future plans  Links:  https://www.wokelo.ai/ Unleashed is produced by Umbrex, which has a mission of connecting independent management consultants with one another, creating opportunities for members to meet, build relationships, and share lessons learned. Learn more at www.umbrex.com.  

Cyber Security Headlines
DARPA code prize, ScarCruft adds ransomware, Columbia breach tally

Cyber Security Headlines

Play Episode Listen Later Aug 11, 2025 8:21


DARPA awards $4 million prize for AI code review at DEF CON North Korea ScarCruft group adds ransomware to its activities Columbia University hack affects over 860,000 Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com.  

CISO Stories Podcast
Reimagining Security Operations: SOC as a Service and the Role of AI - Kevin Nikkhoo - CSP #215

CISO Stories Podcast

Play Episode Listen Later Aug 11, 2025 28:26


Kevin Nikkhoo joins the show to explore Security Operations Center as a Service (SOCaaS) and how it compares to traditional SOC models. He breaks down which organizations benefit most from this approach and how AI is reshaping modern SOC operations. Listeners will gain a clear understanding of how SOCaaS can enhance detection and response capabilities—and why embracing AI is key to the future of security operations. Segment Resources: https://www.xenexsoc.com/ https://www.xenexsoc.com/blog https://www.xenexsoc.com/ebooks This segment is sponsored by Tines. Tines' AI-enabled, secure workflow platform empowers your whole team regardless of their coding abilities, environment complexities, or tech stack. Learn more at https://cisostoriespodcast.com/tines Visit https://cisostoriespodcast.com for all the latest episodes! Show Notes: https://cisostoriespodcast.com/csp-215

ITSPmagazine | Technology. Cybersecurity. Society
How Novel Is Novelty? Security Leaders Try To Cut Through the Cybersecurity Vendor Echo Chamber | Reflections from Black Hat USA 2025 | A Musing On the Future of Cybersecurity with Sean Martin and TAPE3 | Read by TAPE3

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Aug 10, 2025 11:44


Black Hat 2025 was a showcase of cybersecurity innovation — or at least, that's how it appeared on the surface. With more than 60 vendor announcements over the course of the week, the event floor was full of “AI-powered” solutions promising to integrate seamlessly, reduce analyst fatigue, and transform SOC operations. But after walking the floor, talking with CISOs, and reviewing the press releases, a pattern emerged: much of the messaging sounded the same, making it hard to distinguish the truly game-changing from the merely loud.In this episode of The Future of Cybersecurity Newsletter, I take you behind the scenes to unpack the themes driving this year's announcements. Yes, AI dominated the conversation, but the real story is in how vendors are (or aren't) connecting their technology to the operational realities CISOs face every day. I share insights gathered from private conversations with security leaders — the unfiltered version of how these announcements are received when the marketing gloss is stripped away.We dig into why operational relevance, clarity, and proof points matter more than ever. If you can't explain what your AI does, what data it uses, and how it's secured, you're already losing the trust battle. For CISOs, I outline practical steps to evaluate vendor claims quickly and identify solutions that align with program goals, compliance needs, and available resources.And for vendors, this episode serves as a call to action: cut the fluff, be transparent, and frame your capabilities in terms of measurable program outcomes. I share a framework for how to break through the noise — not just by shouting louder, but by being more real, more specific, and more relevant to the people making the buying decisions.Whether you're building a security stack or selling into one, this conversation will help you see past the echo chamber and focus on what actually moves the needle.________This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.Sincerely, Sean Martin and TAPE3________✦ ResourcesBlack Hat 2025 On Location Closing Recap Video with Sean Martin, CISSP and Marco Ciappelli: https://youtu.be/13xP-LEwtEAITSPmagazine Studio — A Brand & Marketing Advisory for Cybersecurity and Tech Companies: https://www.itspmagazine.studio/ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageCitations: Available in the full article________Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-locationTo learn more about Sean, visit his personal website.

Redefining CyberSecurity
How Novel Is Novelty? Security Leaders Try To Cut Through the Cybersecurity Vendor Echo Chamber | Reflections from Black Hat USA 2025 | A Musing On the Future of Cybersecurity with Sean Martin and TAPE3 | Read by TAPE3

Redefining CyberSecurity

Play Episode Listen Later Aug 10, 2025 11:44


Black Hat 2025 was a showcase of cybersecurity innovation — or at least, that's how it appeared on the surface. With more than 60 vendor announcements over the course of the week, the event floor was full of “AI-powered” solutions promising to integrate seamlessly, reduce analyst fatigue, and transform SOC operations. But after walking the floor, talking with CISOs, and reviewing the press releases, a pattern emerged: much of the messaging sounded the same, making it hard to distinguish the truly game-changing from the merely loud.In this episode of The Future of Cybersecurity Newsletter, I take you behind the scenes to unpack the themes driving this year's announcements. Yes, AI dominated the conversation, but the real story is in how vendors are (or aren't) connecting their technology to the operational realities CISOs face every day. I share insights gathered from private conversations with security leaders — the unfiltered version of how these announcements are received when the marketing gloss is stripped away.We dig into why operational relevance, clarity, and proof points matter more than ever. If you can't explain what your AI does, what data it uses, and how it's secured, you're already losing the trust battle. For CISOs, I outline practical steps to evaluate vendor claims quickly and identify solutions that align with program goals, compliance needs, and available resources.And for vendors, this episode serves as a call to action: cut the fluff, be transparent, and frame your capabilities in terms of measurable program outcomes. I share a framework for how to break through the noise — not just by shouting louder, but by being more real, more specific, and more relevant to the people making the buying decisions.Whether you're building a security stack or selling into one, this conversation will help you see past the echo chamber and focus on what actually moves the needle.________This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.Sincerely, Sean Martin and TAPE3________✦ ResourcesBlack Hat 2025 On Location Closing Recap Video with Sean Martin, CISSP and Marco Ciappelli: https://youtu.be/13xP-LEwtEAITSPmagazine Studio — A Brand & Marketing Advisory for Cybersecurity and Tech Companies: https://www.itspmagazine.studio/ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageCitations: Available in the full article________Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-locationTo learn more about Sean, visit his personal website.

Cloud Security Podcast
The Truth About Agentic AI in the SOC: Reality vs. Hype

Cloud Security Podcast

Play Episode Listen Later Aug 7, 2025 52:39


What does the integration of AI into a Security Operations Center (SOC) practically look like? This episode explores the concept of the "Agentic SOC," moving beyond marketing terms to discuss its real-world applications and limitations.Ashish Rajan is joined by Edward Wu, CEO of Dropzone AI, for an in-depth discussion on the current state of artificial intelligence in cybersecurity. Edward, who holds numerous patents in the field, shares his perspective on how AI is changing security operations. The conversation details how AI agents can function as a tool to support human analysts rather than replace them, and why the idea of a fully autonomous SOC is not yet a reality.The "Agentic SOC" model: A framework where AI agents assist human security engineers.AI's role in alert investigation: How AI can autonomously investigate alerts by making over a hundred large language model invocations for a single alert.Practical limitations of AI: A discussion on challenges like AI hallucinations and the need for organizational context.Building vs. buying AI tools: An overview of the complexities involved in creating in-house AI agents for security.The impact on SOC metrics: How AI can influence Mean Time To Resolution (MTTR) by investigating alerts in parallel within minutes.The future for security professionals: How the role of a Level 1 SOC analyst is expected to evolve as AI handles more repetitive tasks.Guest Socials -⁠⁠ ⁠⁠⁠Edward's Linkedin Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you are interested in AI Cybersecurity, you can check out our sister podcast -⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ AI Cybersecurity PodcastQuestions asked:(00:00) Introduction: Why Agentic AI in the SOC Matters Now(03:03) Meet Edward Wu: 30 Patents and a Mission to Fix Alert Fatigue(04:03) What is an "Agentic SOC"? (AI Foot Soldiers & Human Generals)(06:27) Why SOAR & Playbooks Are Not Enough for Modern Threats(08:18) Reality vs. Hype: Can AI Create a Fully Autonomous SOC?(11:55) The New SOC Workflow: How AI Changes Daily Operations(14:10) Can You Build Your Own AI Agent? The Hidden Complexities(19:06) From Skepticism to Demand: The Evolution of AI in Security(22:00) Slashing MTTR: How AI Transforms Key SOC Metrics(28:42) Are AI-Powered Cyber Attacks Really on the Rise?(31:01) How Smart SOC Teams Use ChatGPT & Co-Pilots Today(32:38) The 4 Maturity Levels of Adopting AI in Your SOC(37:04) How to Build Trust in Your AI's Security Decisions(41:28) Beyond the SOC: Which Cybersecurity Jobs Will AI Disrupt Next?(46:44) What is the Future for Level 1 SOC Analysts?(49:11) Getting to Know Edward: Sim Racing & StarCraft ChampionResources spoken about during the episode:Take a self-guided demo of Dropzone.aiRequest a Demo Download a Copy of the Gartner Hype Cycle for Security Operations 2025 Thank you to our episode sponsor Dropzone.ai

Security Conversations
Live from Black Hat: Brandon Dixon parses the AI security hype

Security Conversations

Play Episode Listen Later Aug 7, 2025 90:14


Three Buddy Problem - Episode 57: Brandon Dixon (PassiveTotal/RiskIQ, Microsoft) leads a deep-dive into the collision of AI and cybersecurity. We tackle Google's “Big Sleep” project, XBOW's HackerOne automation hype, the long-running tension between big tech ownership of critical security tools and the community's need for open access. Plus, the future of SOC automation to AI-assisted pen testing, how agentic AI could transform the cyber talent bottlenecks and operational inefficiencies, geopolitical debates over backdoors in GPUs and the strategic implications of China's AI model development. Cast: Brandon Dixon (https://www.linkedin.com/in/brandonsdixon/), Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), and Ryan Naraine (https://twitter.com/ryanaraine).

Risky Business
Risky Business #801 -- AI models can hack well now and it's weirding us out

Risky Business

Play Episode Listen Later Aug 6, 2025 66:01


On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news. Google security engineering VP Heather Adkins drops by to talk about their AI bug hunter, and Risky Business producer Amberleigh Jack makes her main show debut. This episode explores the rise of AI-powered bug hunting: Google's Project Zero and Deepmind team up to find and report 20 bugs to open source projects The XBOW AI bug hunting platform sees success on HackerOne Is an AI James Kettle on the horizon? There's also plenty of regular cybersecurity news to discuss: On-prem Sharepoint's codebase is maintained out of China… awkward! China frets about the US backdooring its NVIDIA chips, how you like ‘dem apples, China? SonicWall advises customers to turn off their VPNs Hardware controlling Dell laptop fingerprint and card readers has nasty driver bugs Russia uses its ISPs to in-the-middle embassy computers and backdoor ‘em. The Russian government pushes VK's Max messenger for everything This week's show is sponsored by device management platform Devicie. Head of Solutions Sean Ollerton talks through the impending Windows 10 apocalypse, as Microsoft ends mainstream support. He says Windows 11 isn't as scary as people make out, but if the update isn't on your radar now, time is running out. This episode is also available on Youtube. Show notes Google says its AI-based bug hunter found 20 security vulnerabilities | TechCrunch Is XBOW's success the beginning of the end of human-led bug hunting? Not yet. | CyberScoop James Kettle on X: "There I am being careful to balance hyping my talk without going too far and then this gets published

Found In The Rockies
Chris Peterson (Radicl) // Building Military-Grade Cybersecurity for SMBs

Found In The Rockies

Play Episode Listen Later Aug 6, 2025 46:45


Summary:In today's episode, Les speaks with Chris Peterson, co-founder and CEO of Radicl, and a pioneer in cybersecurity innovation. Chris shares his inspiring journey from early days at Price Waterhouse to co-founding LogRhythm, and now leading Radicl - a company on a mission to bring military-grade cybersecurity to small and medium-sized businesses (SMBs), especially those in the defense industrial base (DIB). With humility, vision, and deep industry experience, Chris talks about the challenges of cybersecurity for SMBs, the promise of AI in threat detection, and the principles that drive Radicl's product and culture.Here's a closer look at the episode:1. Chris's Cybersecurity RootsGrew up curious and mischievous - early hacking instincts emerged from pushing boundaries.First tech job at Price Waterhouse, where he was inspired by early internet penetration testing.Mentored by pioneers like George Kurtz (founder of CrowdStrike) and Ron Gula.Early work included database security assessments and automated audit tools.2. Building LogRhythmCo-founded LogRhythm after stints at Counterpane and Tenable.Bootstrapped early development by selling his home and self-funding the venture.Partnered with Phil Villella (nuclear physicist) and Andy Grolnick (CEO) to scale the company.Lessons from early days: founder commitment, frugality, focus on product-market fit.LogRhythm grew to 500 employees before exiting via private equity in 2018.3. The Genesis of RadiclFounded Radicl to address cybersecurity gaps in SMBs within the defense supply chain.Inspired by the SolarWinds hack and national security threats.Assembled a founding team including his brother Matt and a former fighter pilot.Mission: protect under-defended SMBs in DIB against industrial espionage.4. The Opportunity and Market NeedDIB SMBs are often unable to afford or operate traditional cybersecurity solutions.Barriers include tight margins, complex compliance (e.g. CMMC), and lack of in-house talent.Advances in cloud, automation, and AI now make affordable, scalable solutions viable.Radicl addresses both compliance operations and 24/7 security operations via software + human hybrid model.5. Radicl's Product and PlatformDelivers “virtual SOC” capabilities—blending human expertise with AI and automation.Handles CMMC readiness, threat detection, incident response, and vulnerability management.Designed for transparency: customers can engage with Radicl's ops team in-platform.AI-driven agents are increasingly being introduced to reduce cost and improve response times.6. Looking AheadPreparing for a Series A raise in the next 4–6 months to accelerate R&D investment.Focused on doubling down on AI innovation and expanding platform features.Vision: democratize advanced cybersecurity for SMBs while delivering elite protection to the DIB.Chris aims to balance company building with family, health, and meditation—striving for better life integration as a second-time founder.Resources:Website: RADICLhttps://www.linkedin.com/company/radicl-defense/ https://radicl.com/Chris Petersonhttps://www.linkedin.com/in/chrispetersen1/ https://radicl.com/bio-chris-petersen 

Life Sciences 360
Why Every Medical Affairs Team Needs Their Own AI Agent in 2025

Life Sciences 360

Play Episode Listen Later Aug 6, 2025 48:31


Medical misinformation, life sciences burnout, and AI-powered content creation collide in this episode with Dr. Ome Ogbru, founder & CEO of AINGENS and creator of MACg (Medical Affairs Content Generator). Learn how AI in biotech is tackling the complexities of medical affairs—from literature review and content automation to compliance and regulatory writing.⚡️ WHAT YOU'LL LEARN:- Why medical affairs and regulatory teams can't rely on ChatGPT alone.- How MACg integrates real‑time PubMed search, citation generation, and secured collaboration to streamline scientific writing - Why MACg users report up to 50 % faster writing and 50–70 % faster medical-legal review.- Why AI platforms like MACg must be purpose-built for life sciences (GDPR & SOC 2 compliant).- What is “human-in-the-loop” AI workflow—and how it balances automation and review to maintain accuracy and trust.- Real-world use cases: scientific summaries, medical info letters and more.

Did That Really Happen?

This week we're traveling back to 1970s Britain with Joy! Join us as we learn about the real people who invented IVF, including Patrick Steptoe, Jean Purdy, and Matron Muriel, as well as how papers like the Daily Mirror covered the whole thing.  Sources https://www.theguardian.com/film/2024/nov/10/screenwriter-jack-thorne-ivf-joy-film-netflix https://deadline.com/2024/10/joy-movie-thomasin-mckenzie-shines-as-test-tube-baby-pioneer-in-joy-1236115393/ https://time.com/7178799/joy-true-story-jean-purdy-netflix/ https://en.wikipedia.org/wiki/Joy_(2024_film) Litynski GS. Patrick C. Steptoe: laparoscopy, sterilization, the test-tube baby, and mass media. JSLS. 1998 Jan-Mar;2(1):99-101. PMID: 9876723; PMCID: PMC3015256. Edwards Robert Geoffrey 1996Patrick Christopher Steptoe, C. B. E., 9 June 1913 - 22 March 1988Biogr. Mems Fell. R. Soc.42433–452 Daily Mirror articles from 21 January 1960 to 14 December 1979, accessed through the British Newspaper Archive Bourn Hall Fertility Clinic: https://www.bournhall.co.uk/fertilityblog/international-nurses-day-12-may-recognising-the-dedication-of-fertility-nurses/ John Webster, "Muriel Harris: Nursing IVF to Success," Science Museum Blog, available at https://blog.sciencemuseum.org.uk/muriel-harris-nursing-ivf-to-success/ https://www.scopus.com/authid/detail.uri?authorId=7101718324  Web of Science Josh Halliday, "Female nurse who played crucial role in IVF ignored on plaque," The Guardian (2019), https://www.theguardian.com/society/2019/jun/10/jean-purdy-female-nurse-who-played-crucial-role-in-ivf-ignored-on-plaque  Johnson, Martin H. "Edwards, Sir Robert Geoffrey (Bob) (1925–2013), physiologist." Oxford Dictionary of National Biography.

UC Berkeley (Audio)
Times of Change: Possibility Virtue and a Democratic Politics of Time

UC Berkeley (Audio)

Play Episode Listen Later Aug 2, 2025 118:03


Political theorist Annabel Brett of Cambridge University explores how the concept of “moral possibility” shapes law, politics, and public obligation. She explains that laws must be realistic for people to follow—what is morally possible varies by individual, culture, time, and circumstance. Drawing on early modern Catholic legal theory, Brett discusses how extreme demands (like enduring war or plague) may justify higher expectations, but only temporarily. She examines how colonial Spanish officials misused this framework to justify forced labor in Peru, wrongly claiming it aligned with indigenous customs. Brett contrasts this with more democratic approaches to law, like Domingo de Soto's defense of beggars' rights, which take individuals' real conditions seriously. Ultimately, she shows how moral possibility is deeply tied to time, virtue, and justice. Commentary is provided by David Dyzenhaus of the University of Toronto. Series: "UC Berkeley Graduate Lectures" [Public Affairs] [Humanities] [Show ID: 40430]

Rabbit Hole Recap
RABBIT HOLE RECAP #368: NO PRIVACY? NO FREEDOM.

Rabbit Hole Recap

Play Episode Listen Later Aug 1, 2025 103:07


- Samourai Wallet Developers Plead Guilty To Unlicensed Money Transmission https://www.therage.co/samourai-wallet-developers-plead-guilty-to-unlicensed-money-transmission/- Tornado Cash Verdict Expected Today https://www.therage.co/the-storm-jurys-dilemma-was-crime-the-goal-all-along/- Spotify users told to prove their age under new rules https://www.the-independent.com/tech/spotify-age-checks-verification-b2798937.html- YouTube's new AI age verification is coming soon — here's what's going to change https://www.tomsguide.com/ai/youtubes-new-ai-age-verification-is-coming-soon-heres-whats-going-to-change- X Implements Age Checking Measures To Align With New Laws https://www.socialmediatoday.com/news/x-formerly-twitter-adds-new-age-verification-measures/754024/ + https://x.com/globalaffairs/status/1927697128219947132- Trump blasts Powell after Fed votes to keep interest rates steady https://thehill.com/homenews/administration/5429281-donald-trump-jerome-powell-interest-rates/- The President's Working Group on Digital Asset Markets Releases Recommendations to Strengthen American Leadership in Digital Financial Technology https://www.whitehouse.gov/crypto/ + nevent1qvzqqqqqqypzquq0mq9wdrsqnmf6jly595nxud0c5j3zd3cf4hzr0tck4wxstfunqqsg4vv7vhcmspkl2uetkme8pyx9thgyskmjg2q3una2hh0n9xdyr7sqyhcj0-Fold and Blackhawk Network Bring Bitcoin to Major U.S. Digital Retail Platforms https://investor.foldapp.com/news-releases/news-release-details/fold-and-blackhawk-network-bring-bitcoin-major-us-digital-retail- AnchorWatch has officially completed its SOC 2 Type 1 audit https://x.com/anchorwatch/status/1950579169877791173- El Salvador | New Insights Reveal Bitcoin DeceptionA new detail buried in an IMF progress report casts doubt on El Salvador's claim that it is “buying one Bitcoin a day.” According to the IMF, “increases in Bitcoin holdings in the Strategic Reserve Fund reflect the consolidation of Bitcoin across various government-owned wallets.” This suggests that President Nayib Bukele's progressively authoritarian government may be reshuffling existing Bitcoin holdings from undisclosed wallets rather than accumulating new Bitcoin. A letter signed by two of El Salvador's top finance officials also confirmed the state has not bought Bitcoin since February 2025. The revelation comes after El Salvador secured a $1.4 billion IMF loan, which required the government to scale back key parts of its Bitcoin policy, including ending tax payments in Bitcoin, phasing out the Chivo wallet, and making private sector acceptance voluntary. While Bukele continues to tout Bitcoin as part of El Salvador's identity, the disconnect between official actions and public messaging calls into question transparency and credibility. FinancialFreedomReport.org- Bitchat 1.2.0 iOS and bitchat android 0.8.1 https://github.com/permissionlesstech/bitchat-android/releases/tag/0.8.1- MSTR Earnings Today0:00 - Intro2:35 - Welcome back to Car Talk10:31 - Zora18:28 - Dashboard20:39 - Samourai34:28 - Age verification46:50 - Gaza story and psyops50:25 - Patriot Act extension and dead internet1:08:13 - Fold + Blackhawk1:11:11 - AnchorWatch SOC 2 Audit1:13:22 - Simplicity Liquid1:20:00 - peer-observer1:24:46 - HRF Story of the Week1:27:44 - Bitchat1:38:05 - Paper bitcoin newsShoutout to our sponsors:Coinkitehttps://coinkite.com/Bitkeyhttps://bitkey.world/Stakworkhttps://stakwork.ai/Follow Marty Bent:Twitterhttps://twitter.com/martybentNostrhttps://primal.net/martyNewsletterhttps://tftc.io/martys-bent/Podcasthttps://tftc.io/podcasts/Follow Odell:Nostrhttps://primal.net/odellNewsletterhttps://discreetlog.com/Podcasthttps://citadeldispatch.com/

Out of the Woods: The Threat Hunting Podcast
S3 Ep38: Testimonial from the Trenches

Out of the Woods: The Threat Hunting Podcast

Play Episode Listen Later Jul 31, 2025 46:35


Scott Poley and Tom Kostura are joined by Ben McGavin, Threat Hunting Team Lead at RSM Defense, and Justin Dolgos, Senior Threat Hunter at RSM Defense, for a conversation on what it takes to build and run a threat hunting program inside an MSSP. They walk through how their team prioritizes hunts, manages detection logic across multi-tenant environments, and scales their approach through SoC collaboration and hypothesis-driven routines. Ben shares how the program was built from scratch, and Justin breaks down the lessons learned moving from alert triage into full-time threat hunting. They also cover tooling gaps, visibility challenges, and how custom detections have become a key success metric for their team. This episode offers practical insight from two hunters operating at the heart of a fast-moving MSSP environment. Watch this podcast on YouTube here: https://youtu.be/YQtmMomoUbU ---------- Stay in Touch! Twitter: https://twitter.com/Intel471Inc LinkedIn: https://www.linkedin.com/company/intel-471/ YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg Discord: https://discord.gg/DR4mcW4zBr Facebook: https://www.facebook.com/Intel471Inc/

Autonomous IT
Automox Insiders – By Your Command: The Cybersecurity Directive with Tom Bowyer, E10

Autonomous IT

Play Episode Listen Later Jul 31, 2025 18:07


Maddie Regis speaks with Tom Bowyer, Director of Security at Automox, about the intersection of IT and cybersecurity. Tom shares his career journey, the importance of collaboration between IT and security teams, and insights into SOC compliance reports. He emphasizes the need for transparency, experimentation, and proactive problem-solving in enhancing cybersecurity. This episode originally aired October 17, 2024

ITSPmagazine | Technology. Cybersecurity. Society
Making Honeypots Useful Again: Identity Security, Deception, and the Art of Detection | A Conversation with Sean Metcalf | Redefining CyberSecurity with Sean Martin

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jul 30, 2025 31:48


⬥GUEST⬥Sean Metcalf, Identity Security Architect at TrustedSec | On LinkedIn: https://www.linkedin.com/in/seanmmetcalf/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥EPISODE NOTES⬥Sean Metcalf, a frequent speaker at conferences like Black Hat, DEF CON, and RSAC, brings a sharp focus to identity security—especially within Microsoft environments like Active Directory and Entra ID. In this episode, he walks through the practical and tactical role of honeypots and deception in detecting intrusions early and with higher fidelity.While traditional detection tools often aim for broad coverage, honeypots flip the script by offering precise signal amidst the noise. Metcalf discusses how defenders can take advantage of the attacker's need to enumerate systems and accounts after gaining access. That need becomes an opportunity to embed traps—accounts or assets that should never be touched unless someone is doing something suspicious.One core recommendation: repurpose old service accounts with long-lived passwords and believable naming conventions. These make excellent bait for Kerberoasting attempts, especially when paired with service principal names (SPNs) that mimic actual applications. Metcalf outlines how even subtle design choices—like naming conventions that fit organizational patterns—can make a honeypot more convincing and effective.He also draws a distinction between honeypots and deception technologies. While honeypots often consist of a few well-placed traps, deception platforms offer full-scale phantom environments. Regardless of approach, the goal remains the same: attackers shouldn't be able to move around your environment without tripping over something that alerts the defender.Importantly, Metcalf emphasizes that alerts triggered by honeypots are high-value. Since no legitimate user should interact with them, they provide early warning with low false positives. He also addresses the internal politics of deploying these traps, from coordinating with IT operations to ensuring SOC teams have the right procedures in place to respond effectively.Whether you're running a high-end deception platform or just deploying free tokens and traps, the message is clear: identity is the new perimeter, and a few strategic tripwires could mean the difference between breach detection and breach denial.⬥SPONSORS⬥LevelBlue: https://itspm.ag/attcybersecurity-3jdk3ThreatLocker: https://itspm.ag/threatlocker-r974⬥RESOURCES⬥Inspiring Post: https://www.linkedin.com/posts/activity-7353806074694541313-xzQl/Article: The Art of the Honeypot Account: Making the Unusual Look Normal: https://www.hub.trimarcsecurity.com/post/the-art-of-the-honeypot-account-making-the-unusual-look-normalArticle: Trimarc Research: Detecting Kerberoasting Activity: https://www.hub.trimarcsecurity.com/post/trimarc-research-detecting-kerberoasting-activityArticle: Detecting Password Spraying with Security Event Auditing: https://www.hub.trimarcsecurity.com/post/trimarc-research-detecting-password-spraying-with-security-event-auditing⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast: 

This Week in Startups
Figma IPO, IMAX AI Festival, the Tea app spill, that one Sydney Sweeney jeans ad, and more! | E2157

This Week in Startups

Play Episode Listen Later Jul 29, 2025 73:36


Today's show:SYDNEY SWEENEY'S AMERICAN EAGLE AD DIVIDES OUR PANEL!PLUS WHAT STARTUPS CAN LEARN FROM THE VIRAL ASTRONOMER RESPONSEJason, Alex, and Lon are looking at some of the biggest media stories of the day before returning to their favorite topic, tech. Tune in for deep dives on IMAX's new AI film festival, Figma's big IPO and much more!*Timestamps:(0:00) Jason and Alex kick off the show!(3:45) Lon's joining Alex and Lon to discuss the controversial Sydney Sweeney genes/jeans ad(7:20) A look at the polarizing takes on this jeans ad.(10:10) OpenPhone - Streamline and scale your customer communications with OpenPhone. Get 20% off your first 6 months at https://www.openphone.com/twist⁠(11:46) Hear the verdict from Jason, self—proclaimed Chairman of the Interwebs(16:42) Alex points out the economic impact of the controversy(20:26) Vanta - Get $1000 off your SOC 2 at https://www.vanta.com/twist(21:25) Back to the show!(26:35) Paltrow's Astronomer ad, meme-processing and the ideal way to change the conversation(30:04) Vouched - Trust for agents that's built for builders like you. Check it out at http://vouched.id/twist(31:28) Back to the show!(36:48) Netflix and the growing controversy around AI's role in filmmaking(42:53) IMAX/Runway collaboration and Hollywood's shifting attitude toward AI(47:34) Everything that went wrong with the Tea App(54:27) Why Jason thinks app stores should ban “anonymous” forms and message boards(1:04:19) Figma upped its IPO price… what does it mean for the return of liquidity? And is this too high or fairly priced?(1:07:53) Paul Graham says you shouldn't drop out of college to work on a startup… Why Thiel Fellows disagree*Subscribe to the TWiST500 newsletter: https://ticker.thisweekinstartups.comCheck out the TWIST500: https://www.twist500.comSubscribe to This Week in Startups on Apple: https://rb.gy/v19fcp*Follow Lon:X: https://x.com/lons*Follow Alex:X: https://x.com/alexLinkedIn: ⁠https://www.linkedin.com/in/alexwilhelm*Follow Jason:X: https://twitter.com/JasonLinkedIn: https://www.linkedin.com/in/jasoncalacanis*Thank you to our partners:(10:10) OpenPhone - Streamline and scale your customer communications with OpenPhone. Get 20% off your first 6 months at https://www.openphone.com/twist⁠(20:26) Vanta - Get $1000 off your SOC 2 at https://www.vanta.com/twist(30:04) Vouched - Trust for agents that's built for builders like you. Check it out at http://vouched.id/twist*Great TWIST interviews: Will Guidara, Eoghan McCabe, Steve Huffman, Brian Chesky, Bob Moesta, Aaron Levie, Sophia Amoruso, Reid Hoffman, Frank Slootman, Billy McFarland*Check out Jason's suite of newsletters: https://substack.com/@calacanis*Follow TWiST:Twitter: https://twitter.com/TWiStartupsYouTube: https://www.youtube.com/thisweekinInstagram: https://www.instagram.com/thisweekinstartupsTikTok: https://www.tiktok.com/@thisweekinstartupsSubstack: https://twistartups.substack.com*Subscribe to the Founder University Podcast: https://www.youtube.com/@founderuniversity1916

Unsupervised Learning
A Conversation With Sarit Tager from Prisma Cloud

Unsupervised Learning

Play Episode Listen Later Jul 29, 2025 25:31 Transcription Available


➡ Prevent Risk At The Source with Cortex Cloud: https://www.paloaltonetworks.com/cortex/cloud/application-security In this sponsored conversation, I speak with Sarit Tager, VP of Product Management at Palo Alto Networks, about how Prisma Cloud and their new ASPM solution are transforming cloud and application security by unifying data and deeply integrating business context into AppSec workflows. We talk about: Unifying AppSec, Cloud, and SOC into One Data Lake How Palo Alto merged their products into a single system that consolidates runtime, code, identity, cloud, and SOC data, allowing for true context-aware risk prioritization and faster response times across the board. From Detection to Dynamic Prevention Why the future of application security isn’t just about discovering vulnerabilities, but enforcing smart, context-based guardrails during development, CI/CD, and build processes to prevent issues before they reach production. AI-Powered Insight and the Future of Secure DevOpsHow their system uses AI to analyze the full security posture, enrich findings, simulate attack paths, and recommend precise mitigations. The platform even helps guide security and engineering teams through better workflows, boosting velocity, and not blocking it. Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler Chapters: 00:00 – Sarit’s Background and the Goal of Unifying Security Context01:50 – Building a Single Data Lake for Cloud, SOC, and AppSec04:28 – From Noise to Clarity: Fixing the Prioritization Problem in AppSec06:47 – Using Business Context to Drive Risk-Based Decisions10:18 – True App Ownership, Developer Velocity, and Aligning with Business Impact13:12 – Continuous Discovery and Bringing External Signals Into One View15:25 – Why App Grouping and Context-Rich Policies Increase Velocity17:58 – How Attackers Are Already Building Their Own Unified Context (UEC)20:45 – Prisma’s Control Points: IDE, PR, CI/CD, Image, Admission Control21:56 – Bringing In Data From External Scanners and Enriching Coverage24:23 – Ecosystem Signals, Query Language, and Intelligent Workflow Automation25:05 – Closing Thoughts: Security and Developers Working TogetherBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Cloud Security Podcast by Google
EP236 Accelerated SIEM Journey: A SOC Leader's Playbook for Modernization and AI

Cloud Security Podcast by Google

Play Episode Listen Later Jul 28, 2025 27:15


Guest: Manija Poulatova, Director of Security Engineering and Operations at Lloyd's Banking Group Topics: SIEM migration is hard, and it can take ages. Yours was - given the scale and the industry - on a relatively short side of 9 months. What's been your experience so far with that and what could have gone faster?  Anton might be a “reformed” analyst but I can't resist asking a three legged stool question: of the people/process/technology aspects, which are the hardest for this transformation? What helped the most in solving your big challenges?  Was there a process that people wanted to keep but it needed to go for the new tool? One thing we talked about was the plan to adopt composite alerting techniques and what we've been calling the “funnel model” for detection in Google SecOps. Could you share what that means and how your team is adopting?  There are a lot of moving parts in a D&R journey from a process and tooling perspective, how did you structure your plan and why? It wouldn't be our show in 2025 if I didn't ask at least one AI question!  What lessons do you have for other security leaders preparing their teams for the AI in SOC transition?  Resources: EP234 The SIEM Paradox: Logs, Lies, and Failing to Detect EP197 SIEM (Decoupled or Not), and Security Data Lakes: A Google SecOps Perspective EP231 Beyond the Buzzword: Practical Detection as Code in the Enterprise EP184 One Week SIEM Migration: Fact or Fiction? EP125 Will SIEM Ever Die: SIEM Lessons from the Past for the Future EP223 AI Addressable, Not AI Solvable: Reflections from RSA 2025 “Maverick” — Scorched Earth SIEM Migration FTW! blog “Hack the box” site

Behind The Knife: The Surgery Podcast
Clinical Challenges in Colorectal Surgery: Early Onset Colorectal Cancer

Behind The Knife: The Surgery Podcast

Play Episode Listen Later Jul 21, 2025 38:35


The incidence of early onset colorectal cancer (EOCRC) has been rising prompting the change in change in screening guidelines to 45 years of age for average risk patients. Join us for an in-depth discussion with guest speakers Dr. Andrea Cercek and Dr. Nancy You, where we provide a comprehensive look at the growing challenge of EOCRC. Hosts: - Dr. Janet Alvarez - General Surgery Resident at New York Medical College/Metropolitan Hospital Center - Dr. Wini Zambare – General Surgery Resident at Weill Cornell Medical Center/New York Presbyterian - Dr. Phil Bauer, Graduating Colorectal Surgical Oncology Fellow at Memorial Sloan Kettering Cancer Center  - Dr. J. Joshua Smith MD, PhD, Chair, Department of Colon and Rectal Surgery at MD Anderson Cancer Center - Dr. Andrea Cercek - Gastrointestinal Medical Oncologist at Memorial Sloan Kettering Cancer Center - Dr. Y. Nancy You, MD MHSc - Professor, Department of Colon and Rectal Surgery at MD Anderson Cancer Center Learning objectives:  - Describe trends in incidence of colorectal cancer, with emphasis on the rise of EOCRC. - Identify age groups and demographics most affected by EOCRC. - Summarize USPSTF recommendations for colorectal cancer screening. - Distinguish between screening methods (e.g., colonoscopy, FIT-DNA) and their sensitivity. - Understand treatment approaches for colon and rectal cancer (CRC) - Understand the role of mismatch repair (MMR) status in guiding treatment. - Outline the importance of genetic counseling and testing in young patients. - Discuss racial, ethnic, and socioeconomic disparities in CRC incidence and outcomes. - Describe the impact of cancer treatment on fertility and sexual health. -  Review fertility preservation options. - Identify the value of integrated care teams for young CRC patients. References: 1.         Siegel, R. L. et al. Colorectal Cancer Incidence Patterns in the United States, 1974–2013. JNCI J. Natl. Cancer Inst. 109, djw322 (2017). https://pubmed.ncbi.nlm.nih.gov/28376186/ 2.         Abboud, Y. et al. Rising Incidence and Mortality of Early-Onset Colorectal Cancer in Young Cohorts Associated with Delayed Diagnosis. Cancers 17, 1500 (2025). https://pubmed.ncbi.nlm.nih.gov/40361427/ 3.         Phang, R. et al. Is the Incidence of Early-Onset Adenocarcinomas in Aotearoa New Zealand Increasing? Asia Pac. J. Clin. Oncol.https://pubmed.ncbi.nlm.nih.gov/40384533/ 4.         Vitaloni, M. et al. Clinical challenges and patient experiences in early-onset colorectal cancer: insights from seven European countries. BMC Gastroenterol. 25, 378 (2025). https://pubmed.ncbi.nlm.nih.gov/40375142/ 5.         Siegel, R. L. et al. Global patterns and trends in colorectal cancer incidence in young adults. (2019) doi:10.1136/gutjnl-2019-319511. https://pubmed.ncbi.nlm.nih.gov/31488504/ 6.         Cercek, A. et al. A Comprehensive Comparison of Early-Onset and Average-Onset Colorectal Cancers. J. Natl. Cancer Inst. 113, 1683–1692 (2021). https://pubmed.ncbi.nlm.nih.gov/34405229/ 7.         Zheng, X. et al. Comprehensive Assessment of Diet Quality and Risk of Precursors of Early-Onset Colorectal Cancer. JNCI J. Natl. Cancer Inst. 113, 543–552 (2021). https://pubmed.ncbi.nlm.nih.gov/33136160/ 8.         Standl, E. & Schnell, O. Increased Risk of Cancer—An Integral Component of the Cardio–Renal–Metabolic Disease Cluster and Its Management. Cells 14, 564 (2025). https://pubmed.ncbi.nlm.nih.gov/40277890/ 9.         Muller, C., Ihionkhan, E., Stoffel, E. M. & Kupfer, S. S. Disparities in Early-Onset Colorectal Cancer. Cells 10, 1018 (2021). https://pubmed.ncbi.nlm.nih.gov/33925893/ 10.       US Preventive Services Task Force. Screening for Colorectal Cancer: US Preventive Services Task Force Recommendation Statement. JAMA 325, 1965–1977 (2021). https://pubmed.ncbi.nlm.nih.gov/34003218/ 11.       Fwelo, P. et al. Differential Colorectal Cancer Mortality Across Racial and Ethnic Groups: Impact of Socioeconomic Status, Clinicopathology, and Treatment-Related Factors. Cancer Med. 14, e70612 (2025). https://pubmed.ncbi.nlm.nih.gov/40040375/ 12.       Lansdorp-Vogelaar, I. et al. Contribution of Screening and Survival Differences to Racial Disparities in Colorectal Cancer Rates. Cancer Epidemiol. Biomarkers Prev. 21, 728–736 (2012). https://pubmed.ncbi.nlm.nih.gov/22514249/ 13.       Ko, T. M. et al. Low neighborhood socioeconomic status is associated with poor outcomes in young adults with colorectal cancer. Surgery 176, 626–632 (2024). https://pubmed.ncbi.nlm.nih.gov/38972769/ 14.       Siegel, R. L., Wagle, N. S., Cercek, A., Smith, R. A. & Jemal, A. Colorectal cancer statistics, 2023. CA. Cancer J. Clin. 73, 233–254 (2023). https://pubmed.ncbi.nlm.nih.gov/36856579/ 15.       Jain, S., Maque, J., Galoosian, A., Osuna-Garcia, A. & May, F. P. Optimal Strategies for Colorectal Cancer Screening. Curr. Treat. Options Oncol. 23, 474–493 (2022). https://pubmed.ncbi.nlm.nih.gov/35316477/ 16.       Zauber, A. G. The Impact of Screening on Colorectal Cancer Mortality and Incidence: Has It Really Made a Difference? Dig. Dis. Sci. 60, 681–691 (2015). https://pubmed.ncbi.nlm.nih.gov/25740556/ 17.       Edwards, B. K. et al. Annual report to the nation on the status of cancer, 1975-2006, featuring colorectal cancer trends and impact of interventions (risk factors, screening, and treatment) to reduce future rates. Cancer 116, 544–573 (2010). https://pubmed.ncbi.nlm.nih.gov/19998273/ 18.       Cercek, A. et al. Nonoperative Management of Mismatch Repair–Deficient Tumors. New England Journal of Medicine 392, 2297–2308 (2025). https://pubmed.ncbi.nlm.nih.gov/40293177/ 19.       Monge, C., Waldrup, B., Carranza, F. G. & Velazquez-Villarreal, E. Molecular Heterogeneity in Early-Onset Colorectal Cancer: Pathway-Specific Insights in High-Risk Populations. Cancers 17, 1325 (2025). https://pubmed.ncbi.nlm.nih.gov/40282501/ 20.       Monge, C., Waldrup, B., Carranza, F. G. & Velazquez-Villarreal, E. Ethnicity-Specific Molecular Alterations in MAPK and JAK/STAT Pathways in Early-Onset Colorectal Cancer. Cancers 17, 1093 (2025). https://pubmed.ncbi.nlm.nih.gov/40227607/ 21.       Benson, A. B. et al. Colon Cancer, Version 2.2021, NCCN Clinical Practice Guidelines in Oncology. J. Natl. Compr. Cancer Netw. JNCCN 19, 329–359 (2021). https://pubmed.ncbi.nlm.nih.gov/33724754/ 22.       Christenson, E. S. et al. Nivolumab and Relatlimab for the treatment of patients with unresectable or metastatic mismatch repair proficient colorectal cancer. https://pubmed.ncbi.nlm.nih.gov/40388545/ 23.       Dasari, A. et al. Fruquintinib versus placebo in patients with refractory metastatic colorectal cancer (FRESCO-2): an international, multicentre, randomised, double-blind, phase 3 study. The Lancet 402, 41–53 (2023). https://pubmed.ncbi.nlm.nih.gov/37331369/ 24.       Strickler, J. H. et al. Tucatinib plus trastuzumab for chemotherapy-refractory, HER2-positive, RAS wild-type unresectable or metastatic colorectal cancer (MOUNTAINEER): a multicentre, open-label, phase 2 study. Lancet Oncol. 24, 496–508 (2023). https://pubmed.ncbi.nlm.nih.gov/37142372/ 25.       Sauer, R. et al. Preoperative versus Postoperative Chemoradiotherapy for Rectal Cancer. N. Engl. J. Med. 351, 1731–1740 (2004). https://pubmed.ncbi.nlm.nih.gov/15496622/ 26.       Cercek, A. et al. Adoption of Total Neoadjuvant Therapy for Locally Advanced Rectal Cancer. JAMA Oncol. 4, e180071 (2018). https://pubmed.ncbi.nlm.nih.gov/29566109/ 27.       Garcia-Aguilar, J. et al. Organ Preservation in Patients With Rectal Adenocarcinoma Treated With Total Neoadjuvant Therapy. J. Clin. Oncol. 40, 2546–2556 (2022). https://pubmed.ncbi.nlm.nih.gov/35483010/ 28.       Schrag, D. et al. Preoperative Treatment of Locally Advanced Rectal Cancer. N. Engl. J. Med. 389, 322–334 (2023). https://pubmed.ncbi.nlm.nih.gov/37272534/ 29.       Kunkler, I. H., Williams, L. J., Jack, W. J. L., Cameron, D. A. & Dixon, J. M. Breast-Conserving Surgery with or without Irradiation in Early Breast Cancer. N. Engl. J. Med. 388, 585–594 (2023). https://pubmed.ncbi.nlm.nih.gov/36791159/ 30.       Jacobsen, R. L., Macpherson, C. F., Pflugeisen, B. M. & Johnson, R. H. Care Experience, by Site of Care, for Adolescents and Young Adults With Cancer. JCO Oncol. Pract. (2021) doi:10.1200/OP.20.00840. https://pubmed.ncbi.nlm.nih.gov/33566700/ 31.       Ruddy, K. J. et al. Prospective Study of Fertility Concerns and Preservation Strategies in Young Women With Breast Cancer. J. Clin. Oncol. (2014) doi:10.1200/JCO.2013.52.8877. https://pubmed.ncbi.nlm.nih.gov/24567428/ 32.       Su, H. I. et al. Fertility Preservation in People With Cancer: ASCO Guideline Update. J. Clin. Oncol. 43, 1488–1515 (2025). https://pubmed.ncbi.nlm.nih.gov/40106739/ 33.       Smith, K. L., Gracia, C., Sokalska, A. & Moore, H. Advances in Fertility Preservation for Young Women With Cancer. Am. Soc. Clin. Oncol. Educ. Book 27–37 (2018) doi:10.1200/EDBK_208301. https://pubmed.ncbi.nlm.nih.gov/30231357/ 34.       Blumenfeld, Z. How to Preserve Fertility in Young Women Exposed to Chemotherapy? The Role of GnRH Agonist Cotreatment in Addition to Cryopreservation of Embrya, Oocytes, or Ovaries. The Oncologist 12, 1044–1054 (2007). 35.       Bhagavath, B. The current and future state of surgery in reproductive endocrinology. Curr. Opin. Obstet. Gynecol. 34, 164 (2022). 36.       Ribeiro, R. et al. Uterine transposition: technique and a case report. Fertil. Steril. 108, 320-324.e1 (2017). 37.       Yazdani, A., Sweterlitsch, K. M., Kim, H., Flyckt, R. L. & Christianson, M. S. Surgical Innovations to Protect Fertility from Oncologic Pelvic Radiation Therapy: Ovarian Transposition and Uterine Fixation. J. Clin. Med. 13, 5577 (2024). 38.       Holowatyj, A. N., Eng, C. & Lewis, M. A. Incorporating Reproductive Health in the Clinical Management of Early-Onset Colorectal Cancer. JCO Oncol. Pract. 18, 169–172 (2022). ***Behind the Knife Colorectal Surgery Oral Board Audio Review: https://app.behindtheknife.org/course-details/colorectal-surgery-oral-board-audio-review Please visit https://behindtheknife.org to access other high-yield surgical education podcasts, videos and more.   If you liked this episode, check out our recent episodes here: https://app.behindtheknife.org/listen

This Week in Startups
Thinking Machines' RECORD seed round, VC Geoff Lewis, and MORE | E2152

This Week in Startups

Play Episode Listen Later Jul 17, 2025 68:27


Today's show:Jason and Alex tackle a full tech and business news docket on today's show, including Jason's big SF trip with Launch Accelerator's 34th cohort, some peculiar social media posts from VC Geoff Lewis, a look inside the HUGE seed rounds being commanded by early-stage AI startups, crunching the numbers on how much compute data centers need to sell before they're profitable, Polymarket asks who will be the next CEO of X and MUCH MUCH MORE.Join us for the longest-running and most in-depth podcast on Earth for startup founders.Timestamps:(00:00) INTRO(01:31) Jason's in SF with LAUNCH Accelerator cohort 34… His take on the mood in Silicon Valley.(07:52) Odd X posts from Bedrock Capital's Geoff Lewis… what does it all mean?(10:09) Vanta - Get $1000 off your SOC 2 at https://www.vanta.com/twist(14:44) Ask JCal: What founders can do to guard their own mental health and well-being(20:17) Northwest Registered Agent. Form your entire business identity in just 10 clicks and 10 minutes. Get more privacy, more options, and more done—visit https://www.northwestregisteredagent.com/twist today!(22:04) Thinking Machines Lab set a new record for a seed round: what's going on with these MEGA deals?(28:51) Alex (and Kabir from LAUNCH's research team) investigated the economics of data centers… just HOW MUCH can you make from selling compute? And how long does it TAKE to turn a profit?(30:52) Bolt - Don't be left behind. Build apps quickly without knowing how to code with Bolt.new. Try it free at https://www.bolt.new/twist.(37:09) Superintelligence vs. AGI: Jason thinks we're still more than 2-3 years away…(39:52) GPx is not a traditional VC fund: here's what industry vet Brian Singerman is up to(49:37) The importance of setting your own corporate culture… before it gets set for you!(58:15) Polymarket has ideas for the next X CEO… see where Jason ranks on the list!(01:03:18) Reddit wants to know… Do investors judge founders negatively who rely on lots of AI tools?Subscribe to the TWiST500 newsletter: https://ticker.thisweekinstartups.comCheck out the TWIST500: https://www.twist500.comSubscribe to This Week in Startups on Apple: https://rb.gy/v19fcpFollow Lon:X: https://x.com/lonsFollow Alex:X: https://x.com/alexLinkedIn: ⁠https://www.linkedin.com/in/alexwilhelmFollow Jason:X: https://twitter.com/JasonLinkedIn: https://www.linkedin.com/in/jasoncalacanisThank you to our partners:(10:09) Vanta - Get $1000 off your SOC 2 at https://www.vanta.com/twist(20:17) Northwest Registered Agent. Form your entire business identity in just 10 clicks and 10 minutes. Get more privacy, more options, and more done—visit https://www.northwestregisteredagent.com/twist today!(30:52) Bolt - Don't be left behind. Build apps quickly without knowing how to code with Bolt.new. Try it free at https://www.bolt.new/twist.Great TWIST interviews: Will Guidara, Eoghan McCabe, Steve Huffman, Brian Chesky, Bob Moesta, Aaron Levie, Sophia Amoruso, Reid Hoffman, Frank Slootman, Billy McFarlandCheck out Jason's suite of newsletters: https://substack.com/@calacanisFollow TWiST:Twitter: https://twitter.com/TWiStartupsYouTube: https://www.youtube.com/thisweekinInstagram: https://www.instagram.com/thisweekinstartupsTikTok: https://www.tiktok.com/@thisweekinstartupsSubstack: https://twistartups.substack.comSubscribe to the Founder University Podcast: https://www.youtube.com/@founderuniversity1916