Podcasts about SOC

At Infosecurity Europe 2026, Matt Middleton-Leal, Regional Vice President for Qualys across Northern Europe, joins Sean Martin inside the Risk Operations Center built into the Qualys booth. The premise is blunt: cybersecurity has spent years getting good at measuring risk and almost no time getting good at fixing it. The Risk Operations Center, or ROC, is the Qualys answer to that imbalance. So what is a ROC? It is not a product. Middleton-Leal describes it as an operating model that pulls scattered risk signals together, ranks them by business context and financial impact, and drives them toward remediation. If a SOC looks in the rearview mirror at what already happened, the ROC looks through the windshield at the risk ahead. Why now? Because risk moves at machine speed. In an AI-driven world of frontier models and autonomous agents, Middleton-Leal argues that remediation tied to service desk tickets is already too slow. He shares what happens when a client prepares to deploy tens of thousands of new agents before anyone knows what those agents touch or where their data goes. The example that lands hardest is a number: 62 million risk findings across one client's combined tooling. Middleton-Leal walks through how threat intelligence, business context, and safe exploitability testing collapse that figure to under one percent of fixes that genuinely reduce loss. It is a concrete look at how to prioritize remediation instead of drowning in dashboards. There is a quieter shift underneath it all: financial risk quantification, long reserved for the largest banks, reaching companies that never had the analysts to build it. Working with Richard Seiersen, Chief Risk Technology Officer at Qualys, the company is building ways to answer questions like what a ransomware event would likely cost a business in your sector and region. Middleton-Leal closes with the one place every organization should start, whether they use Qualys or not. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUESTMatt Middleton-Leal, Regional Vice President, Northern Europe, Qualys LinkedIn: https://www.linkedin.com/in/matt-middleton-leal-a56557/ RESOURCES Qualys: https://www.qualys.com ITSPmagazine Infosecurity Europe 2026 coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Richard Seiersen, Chief Risk Technology Officer at Qualys, co-author of "How to Measure Anything in Cybersecurity Risk" Connect with Matt Middleton-Leal on LinkedIn: https://www.linkedin.com/in/matt-middleton-leal-a56557/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Matt Middleton-Leal, Qualys, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, Risk Operations Center, ROC, risk remediation, cyber risk quantification, exposure management, vulnerability management, Richard Seiersen, AI security risk, Infosecurity Europe 2026, machine speed remediation, security operations Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At Infosecurity Europe 2026 in London, Bill Peterson, Senior Director of Product Marketing at Sumo Logic, joins us to unpack a tension every regulated security team knows well. When an incident hits, the business has to keep running. At the same time, regulators expect sensitive data to stay in region. For a long time, those two demands have pulled in opposite directions. Sumo Logic has spent 15 years as a SaaS platform on AWS, processing roughly four exabytes of data a day for around 2,000 customers. The core promise is speed, driving mean time to resolve as low as possible. Peterson frames it in business terms, because the person signing the check wants to know the return, not the bits and bytes. The news from the show is Sumo Logic availability on the AWS European Sovereign Cloud. EU organizations can keep their data in region, handled by EU staff, while still running the full platform for incident response. That turns a painful either/or into a checklist a regulated buyer can complete. Genesys is the first customer live in the sovereign cloud, with payment processor OpenPay preparing to follow. How does this play out for highly regulated industries? Sumo Logic is focused on finance, healthcare, telco, and government, the verticals feeling the most pressure. The path Peterson describes is simple: let Sumo Logic handle incident management, let AWS move and grow the data in region, and check the sovereignty box without giving up operational readiness. Underneath sits a full-featured SIEM and Dojo AI, the agentic approach Sumo Logic launched earlier this year. The goal is not to replace analysts but to keep a human in the loop while handing proven, repetitive work to an agent. Fix one server, confirm the solution, then let an agent patch the other 599 under oversight. A SOC Analyst Agent reaches general availability at Black Hat later this year, alongside an MCP server. On observability, the differentiator is reading both structured and unstructured data without normalizing it first. A zip code is structured; a cryptic web hook error is not. Sumo Logic reads both, which feeds directly into faster time to identify and faster time to resolve. For any leader weighing sovereignty against uptime, Bill Peterson makes a clear case that they can finally live in the same plan. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Bill Peterson, Senior Director of Product Marketing, Sumo Logic LinkedIn: https://www.linkedin.com/in/williampetersonjr/ RESOURCES Learn more about Sumo Logic: https://www.sumologic.com/ Sumo Logic on the AWS European Sovereign Cloud (announced at Infosecurity Europe 2026): https://www.sumologic.com/newsroom Infosecurity Europe 2026 event coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Bill Peterson, Sumo Logic, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, AWS European Sovereign Cloud, data sovereignty, incident response, mean time to resolve, SIEM, security operations, Dojo AI, agentic AI, SOC analyst agent, observability, log analytics, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Join us for this week's Defender Fridays as Carlo Anez, Founder and Lead Instructor at IgniteCyber Academy and DEFCON Training Instructor, breaks down how to build practical blue team skills using open-source labs, MITRE ATTACK, and real-world defender workflows, and where AI fits into the picture without replacing the analyst.At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.What We'll DiscussIn this episode, Carlo Anez draws on years of SOC operations, detection engineering, and cybersecurity instruction to make the case for hands-on, open-source training as the foundation for developing confident, capable defenders.Key Topics:Why cybersecurity training must move beyond passive learning and into real defender workflowsHow the OpenSOC initiative uses open-source tools like Wazuh, MISP, The Hive, and TimeSketch to simulate a small-scale fusion center environmentHow open-source stacks build transferable skills that translate to enterprise platforms like Splunk and LimaCharlieWhere AI fits in the SOC: summarizing noisy alerts, mapping activity to MITRE ATT&CK, drafting investigation questions, and improving report clarityWhy AI literacy means knowing how to validate AI output against evidence, not just knowing how to write promptsWhy the analyst owns the evidence, the decision, and the communicationHow the DEF CON boot camp and online pilot program structure five days of scenario-based training around a final analyst report and CTF capstoneAbout Our GuestCarlo Anez is the Founder and Lead Instructor at IgniteCyber Academy and a DEFCON Training Instructor. He spent five years at Rapid7 doing detection engineering, threat hunting, and DFIR workflows, and has supported SOC operations, government contractors, and projects with DARPA, the US Army, and the US Navy. He currently creates SOC-focused content with TCM Security and leads Blue Team Village at DEF CON, where he also presents and trains annually.Register for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you, our audience.Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!Sponsored by LimaCharlieThis episode is brought to you by LimaCharlie, the Agentic SecOps Workspace (ASW), where AI agents operate security infrastructure using the same controls and authority as human analysts, with every action visible, governed, and auditable.Why LimaCharlie?Eliminate vendor sprawl and tool complexityDeploy and scale effortlessly on native multi-tenant architectureReduce costs with intelligent data routing and free 1-year retentionBuild custom solutions with 100+ security capabilities on-demandAccelerate response with agentic AI that acts directly within predefined workflowsTry the Agentic SecOps Workspace free: https://limacharlie.ioLearn more: https://docs.limacharlie.ioFollow LimaCharlieSign up for free: https://limacharlie.ioLinkedIn: / limacharlieioX: https://x.com/limacharlieioCommunity Discourse: https://community.limacharlie.com/Host: Maxime Lamothe-Brassard - Founder at LimaCharlieGuest: Carlo Anez - Founder & Lead Instructor at IgniteCyber Academy

RJ Talyor is the Founder and CEO of Backstroke a AI for eCommerce generative content platform for email marketers. Instantly create on-brand, high-performing email subject lines, preview text, mobile push notifications, and SMS messages.Summary of PodcastPodcast introduction and guest backgroundGraham and Kevin introduce the Next 100 Days Podcast and welcome RJ Talyor from Indianapolis. RJ describes Indianapolis as offering the best of a big city with a small-city feel, with about a million people, great sports, culture, food, and good cost of living. He has traveled extensively but always enjoys returning home.Backstroke's AI email generation platformRJ introduces Backstroke.com, which generates performant email campaigns for e-commerce retailers selling clothes, pet food, furniture, and other products online and in-store. E-commerce brands typically expect 20-50% of revenue from email marketing while sending 3-5+ emails weekly, with customers spending 8-12 hours per campaign. Backstroke reduces this to approximately 15 minutes while personalising content so each customer receives a different message tailored to their interests and behaviour.Personalisation through data and engagement Backstroke personalises emails using multiple data layers: subscriber status, past engagement (opens, clicks, conversions), and appended third-party data revealing demographics like age, location, and gender. When additional data is unavailable, the platform uses progressive profiling—analysing engagement patterns to infer preferences. For example, if a customer consistently clicks on men's content over women's content, or prefers dark-coloured shirts over light ones, AI identifies these patterns to drive personalisation, which is more effective than manual analysis.Real-world personalisation: from negative to advocateGraham shares a personal story about Son of a Tailor, a Portuguese apparel brand, where his initial experience was poor—they sent him a shirt too short for his frame. However, the company responded exceptionally well, ultimately creating a monogrammed, high-quality shirt that transformed him into an advocate. RJ explains this is valuable data: AI can flag customers who experienced negative-to-positive journeys as potential super-fans or loyalty advocates, a pattern most marketers miss because they lack time to identify such nuanced customer experiences.AI pattern recognition beyond traditional metricsTraditional RFM (Recency, Frequency, Monetary) models reduce customers to transactional data, but AI can extract signal from unstructured data to identify complex patterns. For instance, AI can recognize when a customer buys different sizes (suggesting purchases for others) or when multiple preferences exist within one account—like RJ's Spotify feed where his children's music preferences mix with his own. AI discerns these overlapping patterns that aren't immediately obvious to humans, enabling more sophisticated segmentation.Team expertise and company historyRJ co-founded Backstroke with his wife Allison, who holds a PhD in deep data analysis and chemical reagents, bringing statistical rigour and predictive modelling expertise. RJ's background includes starting Pattern89 in 2016, an AI company predicting Instagram and Facebook clicks using computer vision and natural language processing, which he sold to Shutterstock. Many Pattern89 team members joined Backstroke, bringing 10 years of AI-based marketing experience, while the team continuously innovates with new foundational models from Anthropic and OpenAI.Implementation results and Surge featureBackstroke achieves an average 30% uplift in conversion rates for new clients. Implementation typically takes about a month for full transformation, but recognising customer demand for faster results, the company launched "Surge," enabling campaigns to launch in 48 hours. This rapid-deployment feature demonstrates predictive capabilities quickly, satisfying customers who want immediate proof before committing to full onboarding.Email variants and human approval at scaleWhile technically capable of generating 10,000+ unique email variants, Backstroke has found that customers require human review of every variant version. Current implementations range from 60-100 variants, with combinations of hero images, subject lines, and templates creating exponential possibilities. The company is building QA agents to enable scaling to millions of variants while maintaining human oversight, recognizing that creative teams ultimately bear responsibility for brand representation.Brand guidelines versus performance metricsA fundamental tension exists between brand teams (who enforce guidelines like "models must face forward" or "only use this colour") and performance marketers (who know "shirts perform better laid on a bed than on a human"). RJ explains this is often gut-feel decision-making based on outdated tests—teams cite tests from a year ago by employees who've since left, creating stale guidelines. AI enables rapid testing of creative variations to identify incremental opportunities, but requires organisational willingness to experiment beyond established brand rules.Customer selection philosophyRather than trying to convince resistant customers to embrace AI, RJ focuses on the "one in 10" truly innovative marketers willing to change. He learned from his previous business that most prospects claim interest but quickly reveal organizational barriers requiring approvals. His strategy is to identify customers genuinely committed to transformation and willing to pay, directing others to resources instead. This approach conserves energy for high-potential partnerships where AI can deliver real impact.Backstroke's core value propositionBackstroke solves the "what" problem: what content, subject line, preview, template, hero image, product display, and offer to send to each person. The platform knows that 46% of clicks occur in the first 400 pixels, so it optimizes that space differently for men versus women, loyal customers versus new ones, and geographic regions. This focused specialization on content optimization is Backstroke's primary value, distinct from solving "when" (send time) or "who" (segmentation) problems.Practical tips for email marketersFor marketers using standard LLMs without specialised platforms, RJ recommends uploading all previous email data and creative assets, then asking the machine to identify winning creative dimensions. This approach reveals patterns in subject lines, imagery, copy length, and offers without requiring subscriber-level analysis, enabling better-than-average results for those without access to specialised tools.Email frequency paradox and engagementKevin raises frustration with receiving excessive emails from companies he likes, asking if AI can enable sending less email while achieving better results. RJ explains that higher engagement with personalised content could theoretically reduce frequency, but email is fundamentally a frequency game—brands send multiple emails weekly to stay top-of-inbox when customers are ready to buy. However, deliverability depends on engagement (opens, clicks), so sending irrelevant content backfires. Backstroke solves the "what" problem, but send-time optimisation and segmentation (the "when" and "who") remain separate challenges.Market focus and customer examples Backstroke focuses exclusively on B2C e-commerce in North America due to language complexity and GDPR privacy requirements in Europe. The platform serves impulse-purchase categories (apparel, furniture, bedding) differently than considered purchases (mattresses, cars), with separate trained models for each. Notable customers include Third Love (women's intimates), Cozy Earth (bedding), Helix (mattresses), and Emile Henry (cookware), representing the apparel and home goods verticals where Backstroke has developed deep expertise.Future roadmap: predictive marketing agentsRJ's 18-month roadmap focuses on building predictive marketing agents that complete marketing tasks generatively while humans serve as brand stewards and strategists. This vision extends beyond email to SMS, apps, and landing pages, with personalisation as a core feature. Graham notes the challenge of making such systems intuitive enough for non-technical users, reflecting the broader industry shift toward AI-augmented rather than AI-replaced marketing roles.European expansion and compliance strategyWhile Backstroke is currently North America-focused, RJ is open to European partnerships but wants to be proactive about compliance. GDPR itself isn't a blocker, but European customers require security documentation and certifications that Backstroke hasn't yet obtained. The company recently achieved SOC 2 compliance (required by enterprise businesses) and plans to secure necessary privacy certifications before entering European markets, avoiding disqualification during sales cycles.Podcast analysis and key takeawaysIn the wrap-up, RJ praises the podcast for getting past fluff into real marketing challenges, appreciating the nitty-gritty discussion of how marketers actually work. Graham and Kevin reflect that the conversation revealed AI's potential to solve the "what" problem while highlighting remaining challenges in "when" and "who" decisions. They note that Kevin's observation about sending less email...

Finding a needle in a haystack would seem like a minor endeavor compared to what today's federal systems managers must face. Let's take a stab at a correct farmyard analogy – the haystacks double in size every day and are moving. That sounds like an exaggeration, but recent reports show that nine million zero-day exploits are released every day. AI is putting malicious actors on steroids. Chris Townsend, Global Vice President of Public Sector at Elastic, discussed the company's role in federal cybersecurity and data management. His argument is, essentially, that cybersecurity is a data problem. If threats are viewed from that perspective, the more data you can bring into your security environment, the more effective you are at defending it. Elastic enables security operations analysts      who are responsible for detecting threats to keep up with today's tlandscape and cyber-attack velocity. Elastic's platform and tools     can reduce false positives and help federal security operations centers (SOCs) prioritize valid threats. Townsend highlighted Elastic's agentic AI tools, which help SOC operators prioritize and remediate threats, reducing mean time to detect and respond.  Elastic's partnership with CISA for a managed  Security Information and Event Management (SIEM) as-a- service was also mentioned, emphasizing the importance of standardizing data for effective AI-driven cybersecurity. Townsend goes on to articulate Elastic's launch of a SIEM-as-a-Service offering for federal civilian agencies, featuring Elastic Security on Elastic Cloud. SIEMaaS delivers a cloud-based platform for next-generation, AI-powered threat analytics, incident response, and open-standards-based cybersecurity data ingestion. Here is a link to Chris' blog describing     CISA's SIEMaaS offering and how it supports federal agencies' cybersecurity posture while reducing costs

At Infosecurity Europe 2026 in London, Matt Ellison, Director of Sales Engineering EMEA & APAC at Corelight, joins Sean Martin to unpack the visibility gap widening across security operations. The SOC is either drowning in data or missing the data that matters most. Corelight, custodian of the open-source Zeek project, builds a platform that turns raw network traffic into evidence teams can actually use. Why do today's most evasive attacks slip past endpoint detection? Because they are designed to. Ellison points to typhoon-style campaigns staged from network and hardware devices specifically to avoid EDR. When a platform sees all of the network traffic moving backwards and forwards, those moves stop being invisible. Seeing more is only half the battle. Ellison describes teams trapped by a fear of missing something, switching on every "just in case" detection until alert volume becomes its own crisis. The real question shifts from "what fired" to "what does this actually mean for my environment." How do you investigate a detection you cannot see inside? A black box hands down a verdict with no evidence behind it. Corelight takes an open approach, exposing the data behind every conclusion so analysts can follow a flow to its root cause and apply the one thing no vendor ships: their own knowledge of the network. The proof tends to show up fast. Ellison recalls a proof of value where, within thirty minutes, the team surfaced sensitive information moving unencrypted across the network. Other finds are smaller but telling, like a finance team's certificate using a weak cipher. Corelight even names its catch-all logs plainly, the "weird" log and the "unknown" log. Visibility feeds compliance too. Frameworks like NIS2, DORA, and GDPR demand evidence, not a tool humming in the corner that no one reviews. Ellison previews a coming release that adds asset classification, identifying every device on the network and explaining the why behind it. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUESTMatt Ellison, Director of Sales Engineering EMEA & APAC, Corelight LinkedIn: https://www.linkedin.com/in/matthewrellison/ RESOURCES Learn more about Corelight, including customer stories: https://corelight.com Zeek, the open-source NDR project Corelight maintains: https://zeek.org Infosecurity Europe 2026 coverage from ITSPmagazine: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Matt Ellison, Corelight, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, network detection and response, NDR, Zeek, open source security, network visibility, threat hunting, SOC alert fatigue, EDR evasion, encrypted traffic analysis, NIS2, DORA, GDPR, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this special Founder Initiative pitch episode, four cybersecurity founders pitch their startups live to Robert Lowry, CSO of Tonic AI and former security leader at organizations including NASDAQ and the Federal Reserve Bank. Robert Lowry- https://www.linkedin.com/in/lowryrobert/ The conversation covers some of the biggest emerging enterprise security challenges around AI agents, shadow AI, runtime protection, memory systems, cybersecurity data infrastructure, and modern SOC operations. Featuring: * IceGuard — next-generation AI-native cybersecurity data infrastructure - Anders Holden, https://www.linkedin.com/in/andersbholden/ * Optimus Labs — agent defense and AI runtime governance - Nipun Gupta - https://www.linkedin.com/in/guptanipun/ * KeyCaliber — AI usage visibility and cybersecurity asset intelligence - Roselle Safran - https://www.linkedin.com/in/rosellesafran/ * Dyng/Pilot AI — AI memory and contextual learning systems - Ricardo La Rosa - https://www.linkedin.com/in/ricardo-larosa/ Instead of polished demos and sales decks, this episode captures real buyer reactions, live feedback, objections, and the kinds of questions enterprise security leaders actually ask before considering a product. If you're building for CISOs, enterprise security teams, or AI infrastructure buyers, this episode gives a rare inside look at how technical buyers evaluate early-stage startups in real time.

Industry experts estimate synthetic identity fraud costs the financial industry as high as $95 billion a year, and the most damaging attacks pass every verification check without triggering a single alert.Tedd Huff, CEO of fintech advisory firm Voalyre and founder of Fintech Confidential, brings 25 years of payments and fraud infrastructure experience to a direct conversation with Hal Lonas, Chief Technology Officer of Trulioo, the identity verification platform trusted by Google, JP Morgan Payments, Stripe, Airbnb, and Meta.Lonas explains why detection rates hide more than they reveal, how fraudsters now add intentional imperfections to AI-generated deepfakes to beat detection systems, and why agentic commerce requires an entirely new verification layer beyond KYC and KYB. The conversation covers Trulioo's Know Your Agent (KYA) framework, the Digital Agent Passport, Google's Agent Payments Protocol (AP2), and the privacy regulation debate most compliance teams have not fully worked through.Find out more1️⃣ Ask your identity vendor for their false negative rate, not just their detection rate, and demand specific numbers.2️⃣ Build continuous monitoring into your post-onboarding workflow so your system is still watching on day 30, 60, and 90.3️⃣ Audit every automated decision model in your stack and document the logic before your next regulatory exam.4️⃣ Map your verification flow and tier friction based on real-time risk signals instead of running flat checks on every customer.5️⃣ Get your compliance and growth teams in the same room with a shared dashboard showing fraud loss rates and abandonment rates side by side.Guest:Hal Lonas LinkedIn: https://www.linkedin.com/in/hal-lonas-4555b1Hal Lonas X: https://x.com/hal_lonasCompany:Trulioo: https://www.trulioo.comFintech Confidential:Podcast: https://fintechconfidential.com/listenNotifications: https://fintechconfidential.com/accessLinkedIn: https://www.linkedin.com/company/fintechconfidentialX: https://x.com/FTconfidentialInstagram: https://www.instagram.com/fintechconfidentialFacebook: https://www.facebook.com/fintechconfidentialSupporters:Under.io streamlines application and underwriting by digitizing PDFs for digital signature: under.io/FTCSkyflow is a zero trust data privacy vault delivered as an API, covering PCI, CCPA, GDPR, SOC 2, and beyond: skyflowsecure.comDFNS provides wallets as a service, API first, multi-chain, secured with MPC, used by Stripe, Fidelity, and others: fintechconfidential.com/dfnsHawk AI offers real-time payment screening, AML monitoring, and dynamic customer risk rating to reduce false positives: gethawk.comAbout:Hal Lonas is the Chief Technology Officer of Trulioo, where he leads technology strategy, product development, and engineering. He co-founded BrightCloud, a cloud-native threat intelligence company, and previously served as CTO at Webroot, Carbonite, and OpenText before joining Trulioo in 2021.Trulioo is a global identity verification platform operating across 195 countries, covering 14,000+ ID document types, 6,000+ watchlists, and 700 million business entities.Tedd Huff is CEO of Voalyre and founder of Fintech Confidential. The show is produced by DD3 Media and brings you the people, tech, and companies that change how you pay and get paid.Chapters: 00:00 Introduction01:28 Meet Trulioo CTO02:48 From Space to Security04:11 Dfns: Wallets as a Service (sponsor)05:32 Sleeper Accounts Explained08:33 False Negatives Metric11:43 Explainable Adaptive ML13:23 Deepfakes Raise Stakes15:03 Asymmetric Defense Signals17:51 Privacy Versus Safety21:25 Sky Flow: Building Fast and Secure (sponsor)22:27 Friction Based Risk24:16 Case Study ConsenSys26:04 Know Your Agent Future27:52 Agent Passport Checks32:43 Open Standards AP234:35 Are Defenders Losing36:05 Leader Advice Wrap40:37 Final Thoughts and Outro41:36 Hawk AI - Realtime Fraud Monitoring (sponsor)42:23 DisclaimerDisclaimer: The information provided in this episode is for informational purposes only and should not be considered financial, legal, or investment advice.#syntheticidentityfraud #identityverification #KYC #KYB #agenticcommerce #KnowYourAgent #deepfakedetection #fintechfraud #fraudprevention #AML #trulioo #AP2 #GoogleAP2 #AIfraud #fintechcompliance #fintechconfidential

AI governance doesn't happen by accident - it requires a structured strategy, clear accountability, and effective execution. As the world's first international standard for AI Management Systems (AIMS), ISO/IEC 42001 is becoming the global gold standard for responsible innovation. In this expert masterclass, InfosecTrain provides a comprehensive walkthrough of the implementation journey, taking you from initial strategy to full-scale operational execution.The "course titled" ISO 42001 Lead Implementer Training is specifically designed to help organizations bridge the gap between AI experimentation and enterprise-grade governance. We break down the lifecycle of building an AIMS, from performing a critical gap analysis to integrating AI-specific controls into your existing business and compliance frameworks. Learn how to manage the unique risks associated with machine learning while maintaining the agility required for 2026's fast-moving technological landscape.

Two Onc Docs, hosted by Samantha A. Armstrong, MD, and Karine Tawagi, MD, is a podcast dedicated to providing current and future oncologists and hematologists with the knowledge they need to ace their boards and deliver quality patient care. Dr Armstrong is a hematologist/oncologist and assistant professor of clinical medicine at Indiana University Health in Indianapolis. Dr Tawagi is a hematologist/oncologist and assistant professor of clinical medicine at the University of Illinois in Chicago.In this episode, OncLive On Air® partnered with Two Onc Docs to provide a comprehensive review of data from the phase 3 RASolute 302 trial (NCT06625320), a landmark study presented at the 2026 ASCO Annual Meeting that has established daraxonrasib (RMC-6236) as the new standard of care (SOC) for the second-line treatment of patients with metastatic pancreatic adenocarcinoma.The discussion began by highlighting the historical context of second-line treatment, where standard chemotherapy options like FOLFOX (leucovorin calcium, fluorouracil, and oxaliplatin) or gemcitabine-based regimens typically yielded a median overall survival (OS) of only approximately 6 to 7 months. Although RAS mutations drive approximately 90% of pancreatic cancers, they were historically considered undruggable. Daraxonrasib addresses this challenge with its mechanism of action of an oral, RAS(ON), multi-selective, tri-complex inhibitor that targets the active GTP-bound state of both mutant and wild-type RAS, covering variants at codons G12, G13, and Q61.The RASolute 302 trial was an international, open-label study that randomly assigned patients with progression after 1 prior line of therapy to receive either daaxonrasib or investigator's choice of chemotherapy. In the RAS G12–mutated subpopulation of patients, daraxonrasib generated a higher median OS compared with chemotherapy. Similar benefits were observed with daraxonrasib in the overall population, where the median progression-free survival nearly doubled.Drs Armstrong and Tawagi emphasized that the toxicities associated with daraxonrasib are highly clinically relevant and distinct from the myelosuppression seen with chemotherapy. Key adverse effects (AEs) include dermatologic events, diarrhea, and stomatitis. Management of these AEs is critical; the hosts recommended the use of prophylactic oral antibiotics and topical corticosteroids to manage rash, alongside standard oral care for mucositis. Despite being associated with these AEs, daraxonrasib was better tolerated than chemotherapy, with a low treatment discontinuation rate due to AEs.Daraxonrasib is currently accessible in the US through an Expanded Access Program and is undergoing accelerated review for full FDA approval. The experts noted that the agent is being further investigated in the frontline setting through the phase 3 RASolute 303 trial (NCT07491445) and in the adjuvant setting via the phase 3 RASolute-304 trial (NCT07252232), potentially expanding the agent's effect across the continuum of pancreatic cancer care.

In dieser Folge von „Cyber Security ist Chefsache" sprechen Nico und Ann-Katrin in einer Solo-Folge ohne externen Gast über ein Thema, das längst überfällig ist: die Cybersecurity-Kultur in Israel. Rund 10 Prozent des globalen Cybersecurity-Marktes kommen aus dem kleinen Land. Wichtig vorab: Die beiden wollen bewusst nicht politisch diskutieren, sondern den Blick darauf richten, was wir uns von einem Land abschauen können, das beim Thema Cyber seit Jahren Vorreiter ist.Nico war in den letzten Jahren mehrfach vor Ort und teilt sehr persönliche Eindrücke. Besonders eindrücklich: ein Besuch im SOC eines israelischen Energieversorgers, wo er statt einer niedrigen fünfstelligen Zahl an „Angriffen pro Jahr" mit knapp 11.000 potenziellen Angriffen pro Sekunde konfrontiert wurde. Genau diese Realität, sagen Nico und Ann-Katrin, formt eine Gesellschaft, die Cyber nicht als IT-Thema versteht, sondern als selbstverständlichen Teil ihrer Lebensrealität.Ein zentraler Teil der Folge dreht sich um die israelische Ausbildung und das Mindset. Talente werden bereits mit 16 in der Schule für Eliteeinheiten wie die Unit 8200 gescoutet. Nico erzählt von einem Gespräch mit einem dortigen Ausbildungsleiter, in dem er deutsch-pragmatisch fragte, warum man sechsstellige Summen in Menschen investiert, die später in die freie Wirtschaft wechseln. Die Antwort: „Weil ich die besten Menschen für mein Land ausbilde, egal wo sie später arbeiten." Genau dieser Mindset-Shift ist für beide einer der wichtigsten Lerneffekte.Spannend wird es bei der ehrlichen Diskussion darüber, was Deutschland tatsächlich übernehmen kann. Beide plädieren dafür, Medienkompetenz und Cyber-Bildung deutlich früher in Schule und Ausbildung zu verankern, jungen Talenten echte Verantwortung zuzutrauen und die deutsche „Seniority-Falle" zu hinterfragen. Sie machen aber auch klar: Israel hat eine andere Realität, kopieren wäre falsch, übersetzen aber dringend nötig.Im Gespräch geht es außerdem um:Warum „Cyber-Nation Israel" weit mehr ist als Unit 8200 und Tel Aviv Start-upsWie ein nationaler Energieversorger mit Angriffsvolumen umgeht, das deutsche Unternehmen kollabieren ließeWarum Talente in Israel früh in Verantwortung kommenWie Cyber-Bildung in der Schule beginnen müsste, nicht als Wahlfach, sondern als gesellschaftliches PflichtthemaWarum das Mindset „Ich bilde meine Leute aus, egal wo sie hingehen" auch ein deutsches Industrie-Thema sein sollteDie ambivalente Seite, Grauzonen und GreyhatsWie wir die deutsche Bürokratie als Realität anerkennen, ohne sie als Ausrede zu nutzenDie zentrale Schlussfrage: Geldproblem oder Gesellschaftsfrage?____________________________________________

This Week In Startups is made possible by:Grasshopper Bank https://grasshopper.bank/twistVanta https://www.vanta.com/twistRender https://render.com/twistPlaud https://Plaud.ai/twistToday's show:Anthropic wrote a blog post calling for a global AI slowdown. Meanwhile, Sen. Bernie Sanders wants the government to seize 50% of every major AI company's stock. Find out why JCal is reconsidering universal basic (or even high!) income policies, and why he thinks the 2028 presidential election will likely come down to AI policies.PLUS a live ComfyUI demo from founder Yoland Yan. Find out why the free-to-use open-source node-based platform has become a crucial part of millions of designers' and VFX experts' workflows, and how their tool has been used to create everything from “The Wizard of Oz” at the Vegas Sphere to those viral Coca-Cola holiday ads.GuestYoland Yan: http://x.com/yoland_yanComfyUI: https://comfy.org/AI Models and ToolsIdeogram 4.0: https://ideogram.ai/models/4.0/Stable Diffusion: https://stability.ai/LTX Video: https://github.com/Lightricks/LTX-VideoLoRa: https://huggingface.co/docs/diffusers/training/loraGoogle Veo: https://deepmind.google/models/veo/Relevant Links:Anthropic: “When AI Builds Itself”: https://www.anthropic.com/institute/recursive-self-improvementBernie Sanders: “The Public Should Own Half of the Big AI Companies”: https://www.sanders.senate.gov/op-eds/the-public-should-own-half-of-the-big-a-i-companies/Bloomberg: “Sam Altman-Backed Group Completes Largest US Study on Basic Income”: https://www.bloomberg.com/news/articles/2024-07-22/ubi-study-backed-by-openai-s-sam-altman-bolsters-support-for-basic-incomeTimestamps:0:00 Guest 1: Yoland Yan, ComfyUI — live demo intro2:06 Plaud: If your work depends on conversations — interviews, meetings, calls — you need a Plaud NotePin. You can check it out at https://Plaud.ai/twist and use code TWIST for 10% off!4:34 Guest 1: Yoland Yan, ComfyUI — live demo intro9:47 Grasshopper Bank - Time is money. Don't waste either. Go to https://grasshopper.bank/twist and get an exclusive $500 cash bonus just for opening an account.20:05 Vanta - Get $1000 off your SOC 2 at https://www.vanta.com/twist22:24 What is Outpainting?30:01 Render - Find out why 5 million developers are already using the all-in-one cloud platform, Render. Go to https://render.com/twist and apply for the Render Startup Program to get $500-$100,000 in free credits, depending on your stage and backers.32:13 Jason's insider sales team advice38:42 LA mayoral race: Bass vs. Pratt42:25 Anthropic wants AI to slow down?48:45 Will Sen. Sanders' argument resonate with the public?59:39 Why 2028 will be the AI jobs election1:05:32 Brian Chesky's new AI lab1:15:21 Jason's "Mandalorian and Grogu" review1:18:53 YouTubers take over the box office1:24:16 Dean Potter vs. Alex HonnoldSubscribe to the TWiST500 newsletter: https://ticker.thisweekinstartups.comCheck out the TWIST500: https://www.twist500.comSubscribe to This Week in Startups on Apple: https://rb.gy/v19fcpFollow Lon:X: https://x.com/lonsFollow Alex:X: https://x.com/alexLinkedIn: ⁠https://www.linkedin.com/in/alexwilhelmFollow Jason:X: https://twitter.com/JasonLinkedIn: https://www.linkedin.com/in/jasoncalacanisCheck out all our partner offers: https://partners.launch.co/Great TWIST interviews: Will Guidara, Eoghan McCabe, Steve Huffman, Brian Chesky, Bob Moesta, Aaron Levie, Sophia Amoruso, Reid Hoffman, Frank Slootman, Billy McFarlandCheck out Jason's suite of newsletters: https://substack.com/@calacanisFollow TWiST:Twitter: https://twitter.com/TWiStartupsYouTube: https://www.youtube.com/thisweekinInstagram: https://www.instagram.com/thisweekinstartupsTikTok: https://www.tiktok.com/@thisweekinstartupsSubstack: https://twistartups.substack.com

Anthropic brings Mythos to the NSA. A Palantir executive emerges as a possible CISA pick. A Linux flaw is under active attack. Minecraft malware goes commercial. An npm package gets caught in the Miasma worm campaign. Researchers document the first AI-driven container escape. A browser supply-chain compromise and a university breach with unexpected victims. Our guest is Ashu Savani, Co-Founder at TryHackMe, discussing building high performing SOC & IR teams. The web becomes machine majority. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices segment, we are joined by Ashu Savani, Co-Founder from TryHackMe, discussing building high performing SOC & IR teams. You can listen to the full conversation here. Selected Reading US National Security Agency using Anthropic's Mythos for cyber attacks (Financial Times) Trump considers Palantir exec to lead CISA (The Record) CISA Warns of Active Exploitation of Linux Container Escape Flaw (Beyond Machines) Game Over: WeedHack - The Rise of Minecraft Malware-as-a-Service Campaigns (McAfee Blog) Detecting Claude Cowork Insider Threat Activity (DTEX) Trojanized ai-sdk-ollama Delivers Miasma, a Self-Replicating npm Worm via binding.gyp (Endor Labs) Agentic threat actor hits the orchestration plane: AI agent-driven container escape (Sysdig) You do surprise me.exe: An unexpected executable in Hola Browser (SOPHOS) My SSN was exposed in a breach at Columbia—a school I have no connection with (Ars Technica) ‘Bots have now passed human traffic online,' Cloudflare boss laments — says agentic traffic wasn't expected to eclipse real people until next year (Tom's Hardware) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this sponsored Soap Box edition of the Risky Business podcast Patrick Gray chats with Edward Wu, founder of Dropzone, about what AI is doing to detection, response and the SOC more generally. Dropzone makes AI agents that conduct alert investigations in your SOC, but will the SOC as we know it even exist in the future? Ed has a deep expertise in SOC tech, having previously led AI/ML detection engineering at Extrahop. This interview is a fantastic look at what the future may bring for detection and response professionals. This episode is also available on YouTube Show notes

Why the Most Profitable Prompt Engineers Never Call Themselves That Episode Summary Online entrepreneurship myths are costing AI entrepreneurs thousands. In this episode, we expose why the anti-AI approach to building freelance income ideas is the secret weapon parents are using to escape the side gig treadmill—and how rejecting commodity AI tools unlocks real, sustainable income. Based on years of contrarian insights. https://DarkHorseEntrepreneur.com Sponsor: https://Hostinger.com/DARKHORSE20 and use code DARKHOUSE20 for 20% off. Discover how to build a six-figure "invisible" AI consulting business by positioning yourself as a workflow optimization specialist rather than an AI consultant. Learn the exact language, positioning strategies, and retainer models that land enterprise contracts paying $2,500-$5,000 monthly - all while keeping the AI technology completely invisible to clients who just want their problems solved. Key Moments 00:00 - Opening: 34-year-old built an invisible B2B prompt agency 01:10 - The Core Problem: Most people selling the wrong thing to the wrong people using the wrong language 02:05 - The Enterprise Truth: Fortune 500 companies don't buy AI - they buy outcomes. 04:10 - The Language That Sells: Instead of "AI prompt engineer," you say 06:15 - The Retainer Model: the MRR that separates this from every other AI side hustle. 07:05 - The Credibility Requirements 09:40 - The Budget Reality 10:25 - The Uncomfortable Truth 13:25 - The Whiskered Wisdom Resources Mentioned AI Escape Plan Newsletter: For parents ready to break free from the 9-to-5 grind Workflow optimization vs. AI consulting positioning Enterprise compliance requirements (SOC 2, data handling practices) Industry association strategies for credibility building Sponsor: https://Hostinger.com/DARKHORSE20 and use code DARKHOUSE20 for 20% off. Action Item Identify one business process that takes more than 5 hours per week and involves repetitive decision-making. Document it step-by-step, time each step, and note where delays and errors occur - this becomes your first "process audit" that enterprises will pay thousands to create.  

The CEO of Sophia Space, Rob DeMillo, is here to explaining what's different about space startups in 2026 vs. five years ago. Plus Nvidia announced a new Soc the RTX Spark which combines 20-Core Grace CPU With a 5070-Like Blackwell GPU and a partnership with Microsoft that will see a version of Windows for the platform. And we've got a special space movie quiz to help end the week. Starring Sarah Lane, Tom Merritt, Robb Dunewood, Rob DeMillo, Len Peralta, Roger Chang, Joe. To read the show notes click here! Support the show on Patreon by becoming a supporter!

Tony: -Carbonation Station: C4 Jolly Ranchers -Asus ProArt P16 (Timely): https://press.asus.com/news/press-releases/asus-proart-p16-p14-mini-pc-nvidia-rtx-spark-computex-2026/ -Nvidia consumer SoC breaks cover (Timely): https://www.engadget.com/2184558/nvidia-rtx-spark-chip-windows-pcs/ -Bambu A2L (lightning): https://3dprintingindustry.com/news/new-bambu-lab-a2l-3d-printer-technical-specifications-and-pricing-252057/ Jarron:  -A single-dose drug can drastically lower your cholesterol:⚡ https://arstechnica.com/health/2026/05/one-dose-of-gene-editing-drug-cut-bad-cholesterol-62-for-months-in-small-trial/ -Timely-AMD socket support is unparalleled:⚡ https://arstechnica.com/gadgets/2026/06/amd-extends-socket-am5-support-through-at-least-2029-am4-refuses-to-die/ -But also, their output is just pretty sad lately:⚡ https://www.theverge.com/tech/940524/amd-computex-am5-promise-2029-rx9070gre-7700x3d-5800x3d -Timely-Slate truck goes up for preorder on June 24th:⚡ https://www.engadget.com/2183143/slate-ev-truck-pre-orders-will-open-on-june-24/ Owen: -The risks of building on Open Source technology https://arstechnica.com/gadgets/2026/05/inside-the-fight-to-force-vizio-to-share-linux-based-source-code-for-its-tvs-os/ Lando: -Distributed Data Center! SPAN wants to use your home to host AI Servers! https://arstechnica.com/ai/2026/05/the-newest-ai-boom-pitch-host-a-mini-data-center-at-your-home/

Send us Fan MailThe breach that takes down a company often does not kick in the front door. It walks in through a “simple” integration you set up months ago, powered by a token no one remembered to rotate. We start with a real-world Zapier-style scenario and unpack how researchers chained together a harmless-looking code block, an AWS Lambda environment, and a misconfigured IAM role to reach private repository files and ultimately an NPM token that could enable a supply chain attack.From there, we zoom out to the bigger cloud security problem: non-human identities. Service accounts, API keys, and OAuth tokens multiply fast, and they are frequently overprivileged, poorly tracked, and left active long after an integration is retired. We also talk about why SaaS-to-SaaS connections are so hard to secure, and why agentic AI makes visibility even more urgent. If you do not know what systems are connected, what data crosses those links, and who owns the risk, you are effectively trusting an invisible tunnel into your environment.To make this actionable, we lay out a four-phase third-party risk management (TPRM) framework you can apply immediately: build a vendor and integration inventory with tiering, run real due diligence (SOC 2 Type II, ISO 27001, data access scope, subprocessors and fourth parties), lock protections into contracts (DPA language, right to audit, breach notification expectations), then enforce ongoing monitoring and governance with quarterly token reviews, logging, and incident response playbooks. If you are studying for the CISSP, you will also see exactly how this maps to Domain 1, Domain 3, Domain 4, and Domain 5.Subscribe for more practical CISSP training, share this with a teammate who owns vendor approvals, and leave a review so more security pros can find it. What is the one integration you would audit first?Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox!  Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

In this episode, Raghu Nandakumara sits down with two heavyweights in cybersecurity: Dr. Anton Chuvakin (Google Cloud) and Erik Bloch (Illumio), for a candid, often funny, and occasionally sobering look at why detection and response keeps fighting the same battles it was fighting 20 years ago. From the birth of SIEM and the coining of "EDR," to the short-lived reign of XDR, to today's AI hype cycle, Anton and Erik trace the full arc of the industry's evolution and interrogate why, despite decades of tooling investment, the fundamental outcomes haven't changed.  Alert fatigue, signal-to-noise ratios, and the needle-in-the-haystack problem remain as stubborn as ever –and the slides security teams are building in 2025 look suspiciously like the ones from 2003. Raghu, Anton, and Erik discuss: Why the SOC still largely runs on a 1990s operating model and what it would actually take to change that How compliance pulled SIEM away from detection for over a decade and why that hangover still lingers Why a handful of engineering-led organizations (Google, Netflix, a European bank) have cracked the code while nearly everyone else keeps applying band-aids The pharmaceutical industry analogy that explains why security startups keep building band-aids instead of solving root causes What MDRs are doing right and why enterprise SOCs have no incentive to learn from them Why AI is accelerating tooling but, for some organizations, actually slowing down the harder transformation work How securing AI is repeating the exact same mistakes made in the early days of cloud Stay connected with our host Raghu on LinkedIn For more information about Illumio, check out our website at illumio.com

Got a question or comment? Message us here!The FBI is warning about Kali365, a new phishing‑as‑a‑service tool designed to steal Microsoft 365 credentials and enable account takeovers at scale. In this episode, we break down how it works, why it's so effective, and what your SOC can do right now to detect and defend against it. 

Google has said to be concerned about quantum computing by 2029. Kevin Kane, Co-Founder and CEO of American Binary, argues that timeline is already too relaxed and that companies treating post-quantum as a future problem are the ones most exposed right now. He breaks down what a real quantum-resilient architecture takes, why formal verification matters, and what harvest attacks mean for every encrypted message sent today. Kevin Kane: www.linkedin.com/in/iamkevinpkane American Binary: https://www.ambit.inc Jon: www.linkedin.com/in/jon-mclachlan Sasha: www.linkedin.com/in/aliaksandr-sinkevich YSecurity: www.ysecurity.io

Once certified for spaceflight, these next generation computer processors will be incorporated into mission hardware and adapted for Earth-based industries.

Skype of Cthulhu presents a Call of Cthulhu scenario. This is Our Home by Jim Phillips. November 25, 1976 Staten Island, New York City, New York Having learned more of the sinister forces arrayed against them, the residents discover that they are not the only targets for murder. Dramatis Persone: Jim as the Keeper of Arcane Lore Randall as Frank Romero, Electrical Engineer Meredith as Marsha Janelle, Waitress Steve as Trae Grier, Gas Station Attendant Edwin as Kevin Mazer, Chemistry Teacher Gary as Peter Michale, Ex Pro Quarterback Sean as Kirk Griffin, Actor Download Subcription Options Podcast statistics

Surface every AI agent in your tenant and expose the ones throwing security signals — across both the IT and SOC view. Triage high-severity alerts as IT in the Microsoft 365 admin center, then pivot into the full incident graph as a SOC analyst in Microsoft Defender. Block malicious tool invocations the instant they fire and catch jailbreak attempts on Copilot Studio agents before they take hold. Trace a compromised user back to suspicious agent activity, then trigger Microsoft Entra conditional access to revoke the session and force a password reset straight from the incident. Hunt overpermissioned agents with pre-built advanced hunting templates — including one that exposes every agent running MCP tools on the maker's standing credentials — and pull risky builds from the Agent Store using the Agent Registry.  Spencer Berg, AI & Security Product Manager, shares how to turn agent risk signals into coordinated remediation across Defender, Entra, and the Microsoft 365 admin center.  ► QUICK LINKS:  00:00 - Stay in control with Agent 365 00:40 - Gain visibility with unified control plane 01:48 - Unified IT & SOC agent view 02:54 - Real-time blocking and jailbreak detection 04:08 - Auto-revoke via Entra conditional access 04:32 - Prevent future incidents 05:28 - Advanced hunting for AI agents 06:43 - Block risky agents 07:15 - Wrap up ► Link References Check out https://aka.ms/Agent365SecOps ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social:  • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Send us Fan MailPeaches here with the no-BS daily drop. Something's gotta die if you wanna level up—stop repeating weak shit. Army's dumping real money into leader training and brutal exercises. Navy's got five carrier groups owning the map. Marines and Coasties are out there smoking narcos, seizing fentanyl and coke by the ton. But Marines—explain the “special operations capable” tag on your MEU because it sounds like straight dork energy unless you're a Raider. Love the logistics Marines staying riflemen first and crushing endurance courses while the rest of the military whines. Air Force fixing Eagles, Space Force hardening sats. Hegseth just ordered a full UCMJ review—about damn time, that justice system is broken as hell. CENTCOM strikes in Hormuz, Trump on Iran talks, NK lobbing missiles. Ends with the truth bomb: drive ain't some motivation video, it's purpose—others may live. Lock in or stay average.⏱️ Timestamps00:00 Something's Gotta Die01:05 Sponsor Truth: Tasty Gains, Operator Training Summit, Membership03:33 Army Leads Extended Basic Leader Course05:50 Able Crucible: Breaching, Live Fire, Chem Hell07:15 Fifth Corps NATO Saber Strike Drills08:10 Navy Carriers Dominate Global Hotspots09:00 Marines MEU Narco Raids Explode10:00 Peaches Grills Marines on “Special Ops Capable” BS11:45 Logistics Marines Crush It—Rifleman First12:30 Air Force F-15 Upgrades & Sustainment Wins13:45 Space Force Satellite Resiliency Contracts14:30 Coast Guard $45M Coke Bust & Offshore Rescues17:00 Hegseth Launches UCMJ Review—Justice System FUBAR18:30 Memorial Day + Trump Iran Update19:30 CENTCOM Hormuz Strikes & NK Missiles21:50 Real Drive: Purpose That Others May Live

All links and images can be found on CISO Series We know human-paced security controls can't be applied to autonomous AI agents. So what needs to change with CNAPP and cloud security? Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by David Spark, the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Dan Benjamin, vp product - data, identity, and AI security, Palo Alto Networks. In this episode: The detection ceiling A category gap, not a feature gap Resilience by design An insider threat with no face A huge thanks to our sponsor, Palo Alto Networks Cortex Cloud unifies code, cloud, and SOC on a single data, risk, and control plane — giving teams the context, workflows, and agentic intelligence to turn risk into resolution. Native AI agents investigate and act within enterprise guardrails, delivering real-time protection from workload to network edge. Cloud security that outpaces machine-speed threats. Visit Palo Alto Networks and search cortex cloud.  

Skype of Cthulhu presents a Call of Cthulhu scenario. Curse of Nineveh by Mike Mason, Mark Latham, Scott Dorward, Paul Fricker, and Andrew Kenrick. November, 1925 London The team tries to stop whatever foul plans the mastermind behind all these events has for the King's garden party. Dramatis Persone: Sean as the Keeper Edwin as Dame Agatha, Authoress Jonathan as Katherine "Kitty" Hall, Dilettante Steve as Connor Shaw, Archivist Max as Oswald Nickels, Big Game Hunter Gary as Anthony Kelly, Consulting Detective Randall as Dean Banks, Big Game Hunter Jim as Roger Schindler, Alienist Rachael as Maude Throckmorton, Adventuress Download Subcription Options Podcast statistics

We catch up with legal tech entrepreneur Nathan Wenzel to discuss his journey from founding and exiting SimpleLegal to launching his newest venture, LegalOperator.ai (formerly Lexiomatic). Nathan shares insights on the evolution of private equity (PE) structures, the shifting economics of the enterprise software market, and how artificial intelligence is disrupting traditional software development and corporate legal operations. Key Takeaways The Reality of Private Equity: Nathan breaks down the differences between growth PE, transition PE, and dividend-focused PE, highlighting his experience with operational scaling post-acquisition. The Death of Overpriced SaaS: With AI lowering the barrier to entry for building software, traditional $100,000+ enterprise software pricing models are facing immense pressure to become lean, affordable, and transparent. The "Vibe Coding" Phenomenon: While "vibe coding" (loosely describing an app to an AI) works for quick prototypes, building enterprise-grade software still requires meticulous specifications, security infrastructure (like SOC 2 compliance), and robust edge-case testing.

A central development addressed is the projected effect of AI on the per-seat pricing model that underpins many MSP service offerings. According to the discussion, AI could reduce white-collar jobs by 30-50%, leading to fewer user seats for MSPs to support and bill for. This scenario presents significant revenue risk for MSPs reliant on per-user contracts. The discussion also references Microsoft's introduction of Agent365, a product designed to license AI agents within enterprise environments, indicating a move by vendors to adapt licensing models while protecting enterprise relationships. Participants noted that if customer organizations reduce headcount, MSPs will face declining license and seat-based revenue. Discussion suggested alternative business models, such as switching to per-device pricing or developing new service streams, with an emphasis on advisory services and security. The timeframe for these changes was cited as two to three years, which was described as an operationally compressed window for MSPs. Additionally, security, data management, compliance, and governance were highlighted as ongoing service areas with continued relevance as the MSP landscape evolves. Additional topics included increased local competition among MSPs, as evidenced by survey data reporting 100% of respondents encountering significant competition in 2024. Differentiation and targeted marketing were underscored as necessary responses to commoditization pressures. Emotional considerations related to M&A were also discussed, with particular focus on the personal and organizational impact of business sales. Security operations in MSP settings were identified as a rising operational burden, amplified by rapid changes and the challenge of upskilling staff hired for traditional IT roles. Key implications for MSPs and IT service providers center on the need for rapid operational restructuring, with greater emphasis on knowledge-based services such as IT advisory, risk, security, and compliance. There is a recognized accountability for customer education on evolving threats and for managing new AI-related risks that impact both data sovereignty and contractual obligations. The discussion suggests that MSPs unable or unwilling to adapt to these shifts may seek exit strategies, while those staying will need to reassess both revenue models and the skills composition of their teams. Participation in industry peer groups was recommended to share best practices and address common operational challenges.   MSP Question of the week:    How will AI impact the per seat model?  -  How will AI impact the per seat model?  -  Captera did a survey on local competition: Captera did a survey of MSPs. 100% of surveyed MSPs say competition in their region is high.  This was a 2024 study—  in 2026, it has to be worse. MSPs that can't differentiate are suffering. https://www.capterra.com/resources/managed-service-provider-for-small-business/ - Emotions of selling your business – AMY'S NEW BOOK: https://sellmymsp.com/book -  How AI Is Transforming Security Operations: https://www.thirdtier.net/2026/05/11/how-artificial-intelligence-helps-managed-service-providers-deliver-smarter-security/When I talk with MSPs today—whether in my mentored-peer groups or consulting gigs—the same pattern shows up. Security has become the heaviest part of the workload. SOC-like responsibilities are landing on teams that were originally built for backups and patching. That mismatch is where AI can make a measurable difference and a wake-up call for MSPs looking toward the future.                - Not meeting with clients because you don't know what to say? Speak To Your Clients About Email Threats: https://www.thirdtier.net/2026/05/19/speak-to-your-clients-about-email-threats/             - Tales from the field: Why MSP's are exiting the channel  Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Security operations center (SOC) analysts were already stretched to their limits, with teams often unable to investigate threats at the scale and speed needed to keep their organizations completely protected against modern threats.The surprising emergence of the Claude Mythos Preview represents an inflection point when it comes to that issue. In pre-release testing, Anthropic found this frontier model so effective at discovering and independently exploiting vulnerabilities that the company decided not to release Mythos.Whether Mythos ever gets a full release, it is a harbinger of a step function in capabilities with large language models that will likely push the limits of SOC analysts even further – with automated attacks coming at all hours, increased volumes, and potentially better-than-human sophistication.One of the great promises of AI agents is that of the 24/7 worker, which could play a particularly powerful role in security. But what does this look like in practice, especially in an era of Mythos-type LLMs?In this episode, in association with Dropzone AI, ITPro is joined by Edward Wu, founder and CEO at Dropzone AI, to unpack how agentic AI can automate alert triageHighlights“End-to-end remediation in complex organizations requires human judgment, context, and accuracy, areas where AI agents are not yet close to automating.”“AI agents can be thought of as 'foot soldiers' managed by human 'field generals' in the SOC, handling tasks like alert investigations while humans focus on complex issues.”“The threat from LLMs is not overblown, but rather a culmination of a gradual increase in capabilities over the past few years, with Mythos being a significant threshold.”“The future of the SOC will involve experienced people managing armies of AI agents, similar to software development teams where engineers manage multiple AI coding agents.”“Models like Mythos fundamentally change the situation by enabling attackers to more economically find zero-day vulnerabilities and weaponize them into exploits, impacting vulnerability management teams first.”Footnoteshttps://www.dropzone.ai/https://www.dropzone.ai/resources/customer-case-studieshttps://www.dropzone.ai/resources/learning-guide

Skype of Cthulhu presents a Call of Cthulhu scenario. This is Our Home by Jim Phillips. November 23, 1976 Staten Island, New York City, New York The residents learn more about their landlord and receive an unusual gift. Dramatis Persone: Jim as the Keeper of Arcane Lore Randall as Frank Romero, Electrical Engineer Meredith as Marsha Janelle, Waitress Steve as Trae Grier, Gas Station Attendant Edwin as Kevin Mazer, Chemistry Teacher Gary as Peter Michale, Ex Pro Quarterback Sean as Kirk Griffin, Actor Download Subcription Options Podcast statistics

(Presented by TLPBLACK: A cybersecurity intelligence platform focused on sharing curated, high-sensitivity threat insights and research with trusted security professionals.) Three Buddy Problem x Ekoparty Miami: Aaron Portnoy (Zero Day Initiative alum, early Pwn2Own organizer, and now at Mindgard) joins us at Ekoparty Miami to reminisce on the early days of the hacking contest, where vulnerabilities actually live (the boundaries between systems, not inside them), why LLMs will take out the trash but can't dream up the next speculative-execution-class bug, and the coming patching apocalypse when discovery 10x's overnight. Plus, why your SOC is a forensic historian, the promise of hijacking an attacker's reward loop with deception tech, and the legendary story of carrying a Walmart "fat stack" of cash to bootstrap Ekoparty in Buenos Aires. Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Aaron Portnoy. Timestamps: 0:00 — Introductory banter 1:17 — Dropping out, iDefense, and getting good at reversing everything 2:19 — How Pwn2Own got started 4:15 — The most impressive Pwn2Own ever: Nils, VUPEN, and exploit "art" 5:59 — "iPhone hacked in 30 seconds" — and the 18 months behind it 6:41 — Does Pwn2Own still have a place in the AI era? 9:16 — Why LLMs take out the trash but can't invent the next bug class 12:48 — Will LLMs deliver new mitigation classes? Aaron's skeptical 18:34 — The place of the human when the easy bugs run dry 21:08 — Cognitive offloading, Halvar's warning, and skill rot 22:39 — Decompiling 800k functions: Aaron's LLM "holy shit" moment 25:26 — The patching apocalypse and why "assume breach" breaks 28:15 — Compounding asymmetries: why offense just transcended defense

#236: How Nevada Recovered from a Statewide Cyber Attack in 28 Days (And What Every CIO & CISO Should Do Before It Happens to Them)SummaryNevada woke up to a ransomware attack that took 60+ state agencies offline. No ransom paid. Full recovery in 28 days.State CIO Timothy Galluzi and Info-Tech's Mark Hellbusch break down the largest ransomware attack in Nevada state history - how the network came back in 48 hours, how they kept citizen trust through radical transparency, and what every state CIO, CISO, and public sector IT leader needs to know about incident response, Zero Trust Architecture, and building the partnerships that actually show up when it matters.FeaturingTimothy Galluzi, CIO State of NevadaMark Hellbusch, Director, AI Security & Privacy, Info-Tech Research GroupTimestamps(00:00) Every 39 seconds - ransomware by the numbers(01:00) The call Tim never wanted to get(05:50) 18-20 hour days and kicking people out of the office(08:00) Managing public comms with an active adversary watching(14:30) NASCIO community: peer intel sharing in a crisis(16:00) When Info-Tech showed up vs. the cold call vendors(17:30) "28 days of success" - building the after action report(24:00) Assembly Bill One: unanimous vote, statewide SOC(30:00) Trusted partner vs. vendor - the real difference(34:00) Zero Trust: 80% risk reduction and $1.5M ROIListen now: YouTube x Apple x SpotifyWhenever you're ready, there are 3 ways you can connect with TechTables:1.

Got a question or comment? Message us here!In this episode of the #SOCBrief, we dive into the first confirmed case of an AI-powered zero-day exploit. With attackers leveraging AI to discover vulnerabilities, generate exploit code, and bypass defenses faster than ever, this marks a major shift in how threats are developed and deployed. We break down how the attack worked, what made the exploit unique, and the key detection and defense strategies SOC teams need to start adopting now to keep pace with AI-driven adversaries.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Skype of Cthulhu presents a Call of Cthulhu scenario. Curse of Nineveh by Mike Mason, Mark Latham, Scott Dorward, Paul Fricker, and Andrew Kenrick. November, 1925 London While some prepare for another incursion into the subway, the police engage others to look into a brutal set of murders. Dramatis Persone: Sean as the Keeper Edwin as Dame Agatha, Authoress Jonathan as Katherine "Kitty" Hall, Dilettante Steve as Connor Shaw, Archivist Max as Oswald Nickels, Big Game Hunter Gary as Anthony Kelly, Consulting Detective Randall as Dean Banks, Big Game Hunter Jim as Roger Schindler, Alienist Rachael as Maude Throckmorton, Adventuress Download Subcription Options Podcast statistics

The mid-market is where tech decisions get dangerous. You are big enough that uptime, security, and delivery speed matter every day, but you are not big enough to burn cash on massive consulting retainers or absorb the fallout from a shaky vendor. That “valley in the middle” is exactly where David Robinson lives, and it is why he built Stratos Development Group to offer right-fit technical leadership, managed services, and software development that feels structured without being out of reach. We walk through David's journey from building early electronic medical record software in healthcare to leading engineering at a venture-backed startup, and then into entrepreneurship. From there, we get practical about what mid-market teams actually struggle with: competitors using the same licensed infrastructure, product roadmaps hijacked by one or two big customers, and the need to own real intellectual property and architecture to keep a competitive edge. For payments, fintech, and ISO leaders, the conversation goes deep on what Stratos is seeing right now: consolidation, tougher differentiation, and the technical friction that can make or break net-new deals. David shares how ISOs can approach technology enablement and custom integrations, plus the bigger opportunity of moving from ISO to ISV. If you already have a book of business, you also have a built-in feedback loop, faster validation, and a clearer path to launching software that your clients will actually pay for. We also tackle AI and the “vibe coding” era, including why agentic development can boost productivity but cannot shortcut PCI, SOC, or HIPAA compliance. If you want to modernize safely and win in a more competitive market, this one is for you. 

In this episode of the ProductLed Podcast, Wes Bush and Esben Friis-Jensen sit down with Roeland Delrue, CEO and co-founder of Aikido Security, to unpack how the company reached $40M+ ARR in just three and a half years in one of the most sales-heavy categories in software. Roeland shares how his team entered cybersecurity without a traditional security background, simply by living the problem themselves. After juggling eight different security tools and watching a security engineer quit from the sheer pain of triaging endless false positives, they decided to build the product they wished existed. The conversation digs into why Aikido took a radically product-led path in a market dominated by demos, gated trials, and opaque pricing. Roeland explains how transparent pricing, fast time-to-value, and a no-nonsense buying experience helped Aikido win trust with developers and security teams alike. They also get into the bigger growth story behind the business: why product-led motions scale so well, how compliance trends like SOC 2 create strong tailwinds, and why Aikido chose to build a multi-product platform from day one instead of another point solution. Toward the end, Roeland shares his view on AI in cybersecurity, where AI pen testing is already replacing human work, and where humans will still matter for a long time. It is a candid look at building a category-defining security company without following the usual playbook. Key Highlights: 01:46 - The Pain That Sparked Aikido How Roeland and his co-founders went from frustrated security-tool buyers to building their own solution. 04:40 - Why Cybersecurity Needed a PLG Rethink A sharp breakdown of why traditional sales-led security buying feels broken and expensive. 10:11 - Trust in Security Without Heavy Sales How Aikido built trust through product quality, compliance, transparency, and social proof. 15:24 - What Drove Aikido's Fast Growth Why self-serve foundations, fast setup, and faster time-to-value helped the company scale quickly. 18:06 - Compliance and AI Fueling Demand How SOC 2, ISO requirements, open source risk, and AI-driven software growth are expanding the market. 20:15 - Building a Security Platform Day One Why Aikido bet on an all-in-one platform instead of a narrow point solution, and how they keep quality high. 27:08 - Brownfield vs Greenfield Growth Roeland explains why Aikido started by replacing existing tools and is now moving into faster AI-driven markets. 34:16 - A Practical View of AI in Security Why Roeland believes the future is hybrid, with deterministic scanners and AI working side by side. 36:31 - Can AI Replace Human Pen Testing? Where AI pen testing already works today, where it still falls short, and what adoption barriers remain. Resources:

Skype of Cthulhu presents a Call of Cthulhu scenario. This is Our Home by Jim Phillips. November 21, 1976 Staten Island, New York City, New York Amidst the tragedy of the previous night, the residents gain new information on their role in all of these strange happenings. Dramatis Persone: Jim as the Keeper of Arcane Lore Randall as Frank Romero, Electrical Engineer Meredith as Marsha Janelle, Waitress Steve as Trae Grier, Gas Station Attendant Edwin as Kevin Mazer, Chemistry Teacher Gary as Peter Michale, Ex Pro Quarterback Sean as Kirk Griffin, Actor Download Subcription Options Podcast statistics

The OCC's 376-page proposed rule under the GENIUS Act is converting stablecoin policy into binding compliance requirements with formal issuer categories. Paxos, BitGo, and Ripple all received OCC trust charter approvals, but a trust charter does not guarantee Fed payment rail access. Klarivis data shows deposit movement from stablecoin-adjacent products is already measurable at community banks. The 26-month application timeline puts anyone starting today against a potential administration change, and sponsor bank programs face new pressure from charter competition and yield-based products.Bank charter confusion, trust charter risks, and Fed Master Account access gaps are creating real problems for fintech operators, sponsor banks, and community bank executives right now. Tedd Huff, CEO of fintech advisory firm Voalyre and founder of Fintech Confidential, and co-host Steve Bishop sit down on Inside the Vault with three former and current regulatory insiders: Syed Raza, former Acting Chief Innovation Officer at the OCC and Managing Director at FTI Consulting; Michele Alt, Co-Founder and Managing Director at Klaros Group; and Ian Moloney, Chief Policy Officer at the American Fintech Council.Find out more1️⃣ Answer four questions before filing: who grants the charter, what powers it includes, what activities are limited, and who examines the institution.2️⃣ Start compliance documentation now; controls, funds flow maps, and exception handling should be ready before the examiner asks.3️⃣ Read the conditions attached to charter approvals; those conditions reveal what regulators did not trust in the application.4️⃣ Align cost sharing, control ownership, and data ownership with your partner before examination forces the conversation.5️⃣ Price the M&A path into your charter strategy; the 26-month timeline means the political window may close before your application clears.Guest LinksSyed RazaFTI ConsultingMichele AltKlaros GroupIan MoloneyAmerican Fintech CouncilSteve BishopFintech ConfidentialPodcast: https://fintechconfidential.com/listenNotifications: https://fintechconfidential.com/accessLinkedIn: https://www.linkedin.com/company/fintechconfidentialX: https://x.com/FTconfidentialInstagram: https://www.instagram.com/fintechconfidentialFacebook: https://www.facebook.com/fintechconfidentialSupportersUnder: Streamline your application and underwriting process by digitizing PDFs for digital signature. under.io/ftcSkyflow: Zero-trust data privacy vault delivered as an API covering PCI, CCPA, GDPR, and SOC 2 compliance. skyflowsecure.comHawk AI: Real-time payment screening, ML transaction monitoring, and dynamic customer risk rating to fight fraud and financial crime. gethawkai.comAbout the GuestsSyed Raza is a Managing Director at FTI Consulting with over 30 years in risk management and regulatory compliance. He previously served as Acting Chief Innovation Officer at the OCC, guiding regulatory policy for fintech licensing.Michele Alt is Co-Founder and Managing Director at Klaros Group. She spent 22 years in the OCC Law Department and advises banks and fintechs on charter applications, regulatory strategy, and bank design.Ian Moloney is Chief Policy Officer at the American Fintech Council. He previously led policy and regulatory affairs at Cross River and served as a Senior Analyst at the U.S. Government Accountability Office.About the Co-HostSteve Bishop is Founder and Chief Ally at amBaaSsador, an education and advisory platform focused on embedded finance and Banking-as-a-Service for financial institutions.About the HostTedd Huff, CEO of fintech advisory firm Voalyre and host of Fintech Confidential. Fintech Confidential is a production of DD3 Media, bringing you the people, tech, and companies that change how you pay and get paid.Chapters00:00 Episode Highlights00:36 Welcome to Fintech Confidential03:31 Sky Flow: Building Fast and Secure (Sponsor)04:33 What a Charter Means07:06 OCC Rules and Stablecoins09:43 Why Trust Charters Boom13:50 Under.io: AI-Powered Onboarding & Risk Verification (Sponsor)14:20 Fed Master Account Gap17:59 Sponsor Banking Under Pressure22:15 What to Watch Next25:28 Action Steps and Wrap27:50 Hawk.ai: AI-Driven Financial Crime Detection (Sponsor)28:36 Disclaimer#bankcharter #trustcharter #fintech #occ #stablecoin #geniusact #fedmasteraccount #sponsorbank #baas #fintechregulation #communitybank #bankingcompliance #fintechpolicy #occcharter #depositinsurance #stablecoinyield #bankholding

Be sure and join us with our special guest, 37 year FDNY veteran, Captain John Ceriello. John started his career as a Volunteer firefighter with Roslyn Highlands FD in 1981, and in February of 1988 he was appointed to the FDNY. He was assigned to Engine 225 in East New York in April of that same year. In the Spring of 89 he transferred to Squad 18 as an inaugural member! In 2002 he was then transferred to Rescue 1. Then in July of 2005 he was promoted to Lieutenant assigned to the 7th division. In 2006 he returned to SOC in the SOC Support Ladder Unit. In 2007 he was assigned to another Squad, Squad 252. 2015 rolls around and wouldn't you know it, John was promoted to Captain and assigned to Chief Galvin in training. From 2016 to 2019 Cap covered the 11th Division. In May of 2019 Captain Ceriello was covering in Rescue 1, ultimately being assigned to R1 in January 2020. Captain Ceriello stayed with Rescue 1 until he retired in August of 2025. No doubt Cap has some great stories for us and we can't wait to hear them. Gonna be another great show. We will get the whole skinny. You don't want to miss this one. Join us at the kitchen table on the BEST FIREFIGHTER PODCAST ON THE INTERNET!You can also Listen to our podcast ...we are on all the players #lovethisjob #GiveBackMoreThanYouTake #Oldschool #Tradition #Learyfirefightersfoundation #firefighter #FDNYRescue1Become a supporter of this podcast: https://www.spreaker.com/podcast/gettin-salty-experience-firefighter-podcast--4218265/support.

Join us for this week's Defender Fridays as Chris Sanders, Founder at Applied Network Defense and the Rural Technology Fund, breaks down how analysts actually think through investigations and what separates high performers from the rest.At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.What We'll DiscussIn this episode, Chris Sanders draws on his background in security operations and cognitive psychology to explore how metacognition shapes investigative performance, and why understanding how you think is one of the most underleveraged skills in the SOC.Key Topics:Why high-performing analysts ask better questions instead of starting with large chunks of dataHow diagnostic inquiry (DINQ) was developed by studying senior analysts in actionWhat separates one year of experience repeated twenty times from genuinely diverse experienceWhy tacit knowledge makes it hard to train new analysts and what to do about itHow AI fits into the investigative process and where humans still need to be in the loopWhy cybersecurity education has a transfer problem and what other fields like medicine get rightWhat good SOCs have in common and why it comes down to metacognitive awarenessAbout Our GuestChris Sanders is the Founder of Applied Network Defense, a training company focused on analyst and investigative roles, and the Rural Technology Fund, an organization that supports technology education in rural and underserved communities. He holds a doctorate in education and has spent his career at the intersection of cybersecurity and cognitive psychology, including time at school districts, the federal government, and Mandiant.Register for Live SessionsJoin us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you, our audience.Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!Sponsored by LimaCharlieThis episode is brought to you by LimaCharlie, the Agentic SecOps Workspace (ASW), where AI agents operate security infrastructure using the same controls and authority as human analysts, with every action visible, governed, and auditable.Why LimaCharlie?Eliminate vendor sprawl and tool complexityDeploy and scale effortlessly on native multi-tenant architectureReduce costs with intelligent data routing and free 1-year retentionBuild custom solutions with 100+ security capabilities on-demandAccelerate response with agentic AI that acts directly within predefined workflowsTry the Agentic SecOps Workspace free: https://limacharlie.ioLearn more: https://docs.limacharlie.ioFollow LimaCharlieSign up for free: https://limacharlie.ioLinkedIn: / limacharlieioX: https://x.com/limacharlieioCommunity Discourse: https://community.limacharlie.com/Host: Maxime Lamothe-Brassard - Founder at LimaCharlieGuest: Chris Sanders - Founder at Applied Network Defense & Rural Technology Fund

Skype of Cthulhu presents a Call of Cthulhu scenario. Curse of Nineveh by Mike Mason, Mark Latham, Scott Dorward, Paul Fricker, and Andrew Kenrick. November, 1925 London Following Mr. Kelly's strange visions into the subway system proves to be deadly for one of the team. Dramatis Persone: Sean as the Keeper Edwin as Dame Agatha, Authoress Jonathan as Katherine "Kitty" Hall, Dilettante Steve as Connor Shaw, Archivist Max as Oswald Nickels, Big Game Hunter Gary as Anthony Kelly, Consulting Detective Randall as Bertie Weiss, Graduate Student Jim as Roger Schindler, Alienist Rachael as Maude Throckmorton, Adventuress Download Subcription Options Podcast statistics

What if the cybersecurity industry has spent decades fighting the wrong battle? In this episode of Tech Talks Daily, I sat down with Benny Czarny, founder and CEO of OPSWAT, to discuss why he believes the traditional "detect and respond" model is no longer enough in a world where AI is accelerating cyber threats faster than security teams can react. Benny joined me to discuss his new book, Cybersecurity Upside Down, which combines personal stories from building OPSWAT with a bold argument for rethinking how organizations approach cyber defense altogether. His central belief is simple but provocative: detection-based security has trapped the industry in a losing cycle in which attackers need to succeed only once, while defenders are forced into a constant state of reaction. During our conversation, Benny explained how his thinking evolved after realizing that even layering dozens of antivirus engines and sandboxing technologies still failed to stop malicious files reliably. That realization ultimately pushed him toward a prevention-first philosophy built around Deep Content Disarm and Reconstruction, or CDR. Rather than trying to determine whether a file is malicious, the approach assumes files may already be dangerous and regenerates clean, safe versions before they ever reach users or systems. We also explored how generative AI is changing the cybersecurity landscape in ways many organizations still underestimate. Benny shared why AI is dramatically reducing the time required to create malware, weaponize exploits, and scale attacks, effectively giving even inexperienced attackers capabilities once reserved for nation states or advanced cybercriminal groups. He also raised concerns that AI data lakes could become contaminated with malicious content, creating entirely new risks for organizations rushing to deploy large language models without securing the data feeding them. One of the most fascinating aspects of the discussion was the psychology and culture within cybersecurity teams. Benny argued that the industry often celebrates visible incident response activity while undervaluing quiet prevention. In a world dominated by alerts, dashboards, and SOC metrics, truly preventing attacks can almost appear invisible, despite potentially delivering far greater security outcomes. We also talked about the sectors Benny believes are most exposed today, including energy, manufacturing, and critical infrastructure operators that still rely heavily on reactive security models while facing growing operational and regulatory complexity. He explained why some industries are advancing faster than others and why compliance mandates could become a major catalyst for broader prevention-first adoption. Beyond cybersecurity itself, this episode also offered a fascinating look into Benny's entrepreneurial journey, what he learned building OPSWAT over two decades, how AI helped him research and structure his book, and why he is now even producing a cybersecurity-focused TV series called Into the Breach, designed to make complex security concepts easier for wider audiences to understand. This conversation challenges many of the assumptions the cybersecurity industry has normalized for years. Whether you work in security, IT leadership, compliance, or want to understand how AI is reshaping digital risk, this episode offers a very different perspective on what modern cyber resilience could look like in practice.

Over the last decade, cybersecurity heavily invested in EDR, XDR, SIEM, telemetry, and SOC-driven operations. We stopped asking how to stop attacks and started asking how fast we could detect them. However, Mythos and frontier models have changed that paradigm. How do you detect a -7 day vulnerability? Detection and response cannot keep, so what's the answer? Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss why cybersecurity is shifting from detection and response to prevention and enforcement. As attackers accelerate through automation and AI, organizations are revisiting prevention-focused controls. Rob will discuss why organizations need to adopt application allowlisting, Zero Trust, Ringfencing, and policy enforcement to reduce attacker freedom before execution occurs. Prevention-first security is the only way to decrease the AI attack surface. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! In the leadership and communications segment, What CISOs need to land a board role, The Security Mistakes Being Repeated With AI, When Senior Leaders Lack People Skills, Transformations Fail, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-448

Skype of Cthulhu presents a Call of Cthulhu scenario. This is Our Home by Jim Phillips. November 20, 1976 Staten Island, New York City, New York A late night battle against a monstrous entity brings death to an innocent. Dramatis Persone: Jim as the Keeper of Arcane Lore Randall as Frank Romero, Electrical Engineer Meredith as Marsha Janelle, Waitress Steve as Trae Grier, Gas Station Attendant Edwin as Kevin Mazer, Chemistry Teacher Gary as Peter Michale, Ex Pro Quarterback Sean as Kirk Griffin, Actor Download Subcription Options Podcast statistics

Got a question or comment? Message us here!In this episode of the #SOCBrief, we break down the ShinyHunters breach of Instructure's Canvas LMS and what it means for security teams everywhere. From exploiting a lesser-monitored service to exfiltrating millions of records, this attack highlights the growing risk of third-party vendors and supply chain exposure. We walk through how the breach unfolded, key indicators of compromise, and the practical steps SOC teams can take to detect, monitor, and reduce vendor-related risk before it becomes a crisis.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

All links and images can be found on CISO Series This week's CISO Series Podcast features David Spark, producer of CISO Series, and Andy Ellis, principal of Duha. Joining us is our sponsored guest, Jadee Hanson, CISO, Vanta. In this episode: The compliance receipt nobody reads Who signs off on the AI that wrote the code The agent that wouldn't stop The questionnaire that should not exist A huge thanks to our sponsor, Vanta Risk and regulation ramping up—and customers expect proof of security just to do business. Vanta's automation brings compliance, risk, and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure—and keeps your deals moving. Learn more at vanta.com/ciso.

Skype of Cthulhu presents a Call of Cthulhu scenario. Curse of Nineveh by Mike Mason, Mark Latham, Scott Dorward, Paul Fricker, and Andrew Kenrick. October, 1925 London The investigators are called to assist the Museum with locating more missing objects. Dramatis Persone: Sean as the Keeper Edwin as Dame Agatha, Authoress Jonathan as Katherine "Kitty" Hall, Dilettante Steve as Connor Shaw, Archivist Max as Oswald Nickels, Big Game Hunter Gary as Anthony Kelly, Consulting Detective Randall as Bertie Weiss, Graduate Student Jim as Roger Schindler, Alienist Rachael as Maude Throckmorton, Adventuress Download Subcription Options Podcast statistics

This Week In Startups is made possible by:Vanta - Vanta.com/TWISTSentry - Sentry.io/TWISTDeel - Deel.com/TWISTToday's show:AI is the villain of the 2026 commencement cycle, with business luminaries — including Eric Schmidt — booed for discussing or praising the technology. As students graduate into a job market forcibly reshaped by AI, increasingly negative public polling on the potential impacts of artificial intelligence on society is clearly not missing the mark.Jason and Alex then discussed The Information's reporting that Anthropic and OpenAI earn nearly 90% of all startup AI revenue, a Stanford student's viral essay regarding their time at the university in a post-ChatGPT world, Flock Safety's impressive (and worrying) web of cameras, and the upcoming Mark II AI bookmark. The episode closes with questions from our live audience!TWIST Links:Bounty website https://www.thisweekinstartups.com/bountySidebar bounty challenge https://www.notion.so/launch1/5K-Bounty-Create-Sidebar-App-for-Podcasts-34150ff313d280adbd8ed6204676513cAnnotated.com bounty challenge https://annotated.lovable.app/Timestamps:0:00 TWiST All-Stars summer lineup announcement2:43 Plaud: If your work depends on conversations — interviews, meetings, calls — you need a Plaud NotePin. You can check it out at https://Plaud.ai/twist and use code TWIST for 10% off!5:08 Eric Schmidt booed at University of Arizona commencement8:57 Why Gen Z feels "double-crossed" by AI leaders10:10 Deel - Founders scale faster on Deel. Set up payroll for any country in minutes, hire anyone anywhere, get visas handled fast, and get back to building. Visit https://deel.com/twist to learn more.15:22 Is this AI's Vietnam moment? The anti-war parallel18:04 Theo Baker's NYT essay on Stanford's AI cheating culture19:24 Sentry - New users can get $240 in free credits when they go to https://sentry.io/twist and use the code TWIST22:30 Why Jason says everyone should start a company28:59 Anthropic + OpenAI capture 89% of AI startup revenue30:17 Vanta: Get $1000 off your SOC 2 at https://www.vanta.com/twist31:57 Are token sales a duopoly? Negative gross margins debate35:17 Risk of building app-layer startups on top of foundation models38:22 Inside Tracker bounty update: AI sidebar + Annotated.com41:18 Mark II: the $159 AI bookmark Alex wants49:31 Flock Safety solves Austin shooting via Manor PD53:39 DeFlock map and the geography of surveillance in Texas1:03:42 Noti Gang: AI for filing patents1:05:45 Noti Gang: Running AI models locally on Mac StudiosSubscribe to the TWiST500 newsletter: https://ticker.thisweekinstartups.comCheck out the TWIST500: https://www.twist500.comSubscribe to This Week in Startups on Apple: https://rb.gy/v19fcpFollow Alex:X: https://x.com/alexLinkedIn: ⁠https://www.linkedin.com/in/alexwilhelmFollow Jason:X: https://twitter.com/JasonLinkedIn: https://www.linkedin.com/in/jasoncalacanisCheck out all our partner offers: https://partners.launch.co/Great TWIST interviews: Will Guidara, Eoghan McCabe, Steve Huffman, Brian Chesky, Bob Moesta, Aaron Levie, Sophia Amoruso, Reid Hoffman, Frank Slootman, Billy McFarlandCheck out Jason's suite of newsletters: https://substack.com/@calacanisFollow TWiST:Twitter: https://twitter.com/TWiStartupsYouTube: https://www.youtube.com/thisweekinInstagram: https://www.instagram.com/thisweekinstartupsTikTok: https://www.tiktok.com/@thisweekinstartupsSubstack: https://twistartups.substack.com