Third-party risk is no longer a background concern for healthcare organizations -- it is a frontline challenge. Jason Kor, Principal at HITRUST, works on the company's third-party risk management team, helping enterprises understand the security risk embedded in their supply chains. The numbers tell a stark story: according to Security Scorecard, 99% of the world's 2,000 largest companies are actively connected to a vendor that has experienced a breach in the past 18 months. And Verizon's Data Breach Investigations Report shows that the share of breaches tied to a third party has doubled year over year. HITRUST exists precisely to help organizations move from awareness to action. HITRUST will be at HIMSS 2026 in Las Vegas, March 9-12, at Booth 11307. Stop playing whack-a-mole with vendor risk -- step into the VR challenge and win prizes. For organizations already holding a HITRUST certification, the team has something else waiting: a trophy recognizing the commitment to independent, external audits and rigorous security standards. For those exploring certification for the first time, the booth is a chance to understand how HITRUST compares to alternatives like SOC 2 questionnaires -- and why scalability and risk reduction make it the stronger choice for supply chain assurance. Kor puts it plainly: the audits are time-consuming and expensive because they are effective. And at the end of the process, someone reads that report and makes real business decisions based on what it contains. Two major themes converge at this year's event: supply chain risk and AI. HITRUST has already launched an AI security assessment offering, and new CSF releases are on the horizon, including a report center feature enabling online review of assessments for anti-fraud and continuous monitoring purposes. 
On Tuesday, March 10, 2026, from 11:10 AM to 11:30 AM, Kor will deliver a 20-minute session titled "Understanding AI Security Risk -- The New Blind Spot in TPRM and Supply Chain Resilience." The session addresses a rapidly evolving challenge: as organizations build their own generative AI tooling -- or work with third parties that have integrated AI into their products -- questions around data sovereignty, input handling, and model provenance become critical, especially in healthcare where electronic health information is at stake. Also on the HIMSS 2026 agenda from HITRUST: Ryan Patrick, Executive Vice President of TPRM Customer Solutions, joins John P. Houston of UPMC and Chuck Christian of Franciscan Health for a Brunch Briefing titled "Building Secure, Compliant, and Resilient Healthcare Systems Together" on Tuesday, March 10, 2026, from 10:30 AM to 11:45 AM at Level 1, Casanova 505. The session offers practical strategies, frameworks, and real-world lessons for organizations looking to reduce risk, enhance protection, and advance trust in an evolving threat and regulatory landscape. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. 
Learn more: https://www.studioc60.com/creation#spotlight
GUEST
Jason Kor, Principal, HITRUST
https://www.linkedin.com/in/securityconsultantcissp/
RESOURCES
HITRUST: https://hitrustalliance.net
Jason Kor Session -- Understanding AI Security Risk -- The New Blind Spot in TPRM and Supply Chain Resilience (Tuesday, March 10, 2026, 11:10 AM - 11:30 AM): https://app.himssconference.com/event/himss-2026/planning/UGxhbm5pbmdfNDMyMTMxOA==
Building Secure, Compliant, and Resilient Healthcare Systems Together -- Brunch Briefing (Tuesday, March 10, 2026, 10:30 AM - 11:45 AM): https://app.himssconference.com/event/himss-2026/planning/UGxhbm5pbmdfNDMzNzQwMQ==
HIMSS 2026 Global Health Conference and Exhibition: https://www.itspmagazine.com/cybersecurity-technology-society-events/himss-global-health-conference-amp-exhibition-2026
Are you interested in telling your story?
▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight
KEYWORDS
Jason Kor, HITRUST, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, third-party risk management, TPRM, supply chain risk, healthcare cybersecurity, HIMSS 2026, AI security, generative AI risk, HITRUST CSF, cybersecurity certification, data sovereignty, electronic health information, vendor risk management
FBI investigates suspicious activities on agency network
Over 100 GitHub repositories distributing BoryptGrab stealer
Hackers abuse .arpa DNS and IPv6 to evade phishing defenses
Get links to all the stories in our show notes: https://cisoseries.com/cybersecurity-news-fbi-network-breach-github-distributes-stealer-hackers-abuse-arpa/
Huge thanks to our sponsor, Dropzone AI
Here is a number worth knowing before RSAC. The average enterprise SOC sees tens of thousands of alerts a day. Most get triaged. A fraction get thoroughly investigated. The rest sit in the queue or get auto-closed. Dropzone AI puts AI SOC agents on every one of those alerts. Every alert investigated, end to end, across your full tool stack, around the clock. Over 300 deployments in production today. They are at RSAC this year. Booth 455. dropzone.ai/rsa-2026-ai-diner
Are attackers really using AI to run end-to-end cyber campaigns? In this episode, Edward Wu (Founder and CEO, DropzoneAI) joins Ashish to separate the hype from reality when it comes to AI-driven attacks. Edward explains how attackers are currently using open-source LLMs for reconnaissance and spear-phishing, and why the major commercial models now explicitly prohibit users from generating exploits without vetting. On the defense side, Edward shares how AI agents have successfully automated over 160 years' worth of alert investigations in the real world proving that 100% software-delivered SOC triage is already here. We also debunk the myth of AI "hallucinations," explaining why most errors are actually just poor context management. If you're building a security operations center or working with an MSSP, this episode will teach you how to shift from manual alert fatigue to leveraging AI for threat hunting.
Guest Socials - Edward's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast
- Youtube
- Cloud Security Newsletter
If you are interested in AI Security, you can check out our sister podcast - AI Security Podcast
Questions asked:
(00:00) Introduction
(02:50) Who is Edward Wu? (Founder of Dropzone AI)
(04:50) The Reality of AI Cyber Attacks Today (Recon vs. End-to-End)
(07:20) Why Commercial LLMs Are Blocking Exploit Generation
(11:50) How MSSPs are Evolving with AI Triage
(18:20) The Asymmetric Capacity Gap: Why Humans Can't Keep Up
(22:30) Automating 160 Years of Alert Investigations
(23:50) Why AI Hallucinations are Actually Context Management Failures
(26:00) Build vs. Buy: The Data Network Effect for AI Agents
(29:20) The New Workflow for SOC Analysts & Threat Hunters
(31:30) Defining "Threategy": Scope, Authorization, and Context
(35:50) How to Detect Prompt Injection (Treat it like an Insider Threat)
(38:30) Dropzone AI Announcements at RSAC
Resources spoken about during the episode:
- Dropzone Diner RSAC 2026
- If you want to learn more about Dropzone - you can do that here!
Attackers are moving in 72 minutes. One CISO has already eliminated the entire SOC team. And the industry is spending a quarter of a trillion dollars while struggling to define what "resilience" even means. In this edition of Lens Four, Sean Martin looks at the cybersecurity landscape through three lenses — programs, innovation, and messaging — to connect the signals that matter.
In this panel discussion from the Inch 360 Conference, cybersecurity experts explore the intersection of compliance, insurance, and risk management. Moderated by Maria Braun (Baker Tilly), the panel features Casey Wheeler (Marsh McLennan Agency), Dan Brown (CISA), and Deb Wells (BECU).
Key Topics Covered:
The Compliance vs. Security Myth
- Why having SOC 2, ISO 27001, or PCI-DSS doesn't automatically mean you're secure
- How to move beyond "check-the-box" compliance to holistic risk management
- The importance of building security in, not bolting it on
Cyber Insurance Essentials
- Top 5 controls insurers look for: MFA, comprehensive backups, email filtering, security awareness training, and wire transfer verification
- How insurance underwriting works and what carriers assess
- Why you should contact your carrier FIRST during an incident
- Common policy pitfalls: waiting periods, coverage triggers, and business interruption terms
Effective Risk Management
- How to run meaningful tabletop exercises (not just compliance theater)
- Why you need to include the right people: IT, legal, HR, facilities, and your insurance carrier
- The importance of making cybersecurity a daily habit, not a one-time event
- How to quantify risks and prioritize using heat maps and business impact
Third-Party Risk
- Why outsourcing doesn't transfer all responsibility
- The growing importance of vendor risk management
- How downstream attacks can impact your operations
We're thrilled to be sponsored by IXL. IXL's comprehensive teaching and learning platform for math, language arts, science, and social studies is accelerating achievement in 95 of the top 100 U.S. school districts. Loved by teachers and backed by independent research from Johns Hopkins University, IXL can help you do the following and more:
- Simplify and streamline technology
- Save teachers' time
- Reliably meet Tier 1 standards
- Improve student performance on state assessments
In "Is Your ERP a Data Graveyard: How to Unlock Millions with Nauta's Valentina Jordan", Joe Lynch and Valentina Jordan, Co-Founder and CEO of Nauta, discuss how structuring fragmented data turns supply chain silos into actionable revenue.
About Valentina Jordan
Valentina Jordan is the Co-Founder and CEO of Nauta, where she is re-engineering supply chains through clean AI data infrastructure. Previously, Valentina led product for Rappi's largest business segment, helping build and scale the core product stack behind Latin America's largest delivery platform, before bringing that same operational rigor to leadership roles at Amazon. At Nauta, Valentina brings a product-first, systems-level perspective to rethinking how supply chains operate, tackling the industry's most foundational challenge: building clean, structured data infrastructure that enables smarter decision-making.
About Nauta
Nauta is the AI-native operating system that connects your inventory, logistics, and procurement data into one intelligent layer. By acting as an intelligent membrane over existing ERP, TMS, and WMS systems, Nauta eliminates "data graveyards" by unifying fragmented data from emails, documents, and spreadsheets into a single source of truth. The platform moves beyond simple visibility, providing SKU-level insights and automated workflows that allow shippers to proactively manage exception handling and cash flow. Trusted by multinational leaders in the food, beverage, and retail sectors including distributors for brands like New Balance, Modelo, and L'Oreal, Nauta manages data for enterprises representing over $15B in annual sales. SOC 2 Type II certified, the platform empowers manufacturers and retailers to reduce container lifecycle times, prevent stockouts, and eliminate costly penalties like detention fees. Nauta's mission is to provide the standardized "rails of data infrastructure" necessary for truly autonomous and resilient global supply chains.
Key Takeaways: Is Your ERP a Data Graveyard: How to Unlock Millions
- The "Data Fragmentation" Mess: Global shippers are stuck with data trapped in emails, PDFs, and clunky legacy systems. This chaos forces teams to waste 75% of their day babysitting spreadsheets instead of making moves that actually scale the business.
- One Single Source of Truth: Nauta fixes this as an AI-native engine that pulls those messy data streams into one place. From finance to procurement, everyone works off the same live data—killing "tribal knowledge" for good.
- The Real Cost of Stockouts: For brands like Modelo or L'Oreal, a stockout isn't just a missed sale; it's a hit to your reputation and a massive financial penalty. Nauta shifts you from reactive "firefighting" to proactive prevention.
- Saving Millions in Revenue: Using predictive analytics, Nauta's inventory engine flags risks weeks in advance. One customer even saved $1.2M in a single quarter by dodging retail penalties and lost sales.
- Killing "Dry Runs" and Fees: Shippers pay for empty trucks because they can't see what's happening at the port. Nauta's predictive tech and automated communication can slash detention costs by up to 80%.
- SKU-Level Control: Most platforms track the box; Nauta tracks the product. We map data down to the individual item, so you know exactly which vessel is carrying your high-priority promotional stock.
- Smarter Procurement: With SKU-level insights, your team can make surgical decisions—like rerouting high-demand items before they even dock—ensuring the right product hits the right shelf every time.
Security readiness is slipping while threats race ahead—so we zero in on what actually moves the needle. We start with a frank look at why so many teams feel behind: AI-driven attacks, budget constraints, and a hiring market that demands senior talent at entry-level pay. Then we get practical, connecting CISSP Domain 1 concepts to real decisions leaders make every week: how to align risk management with business goals, how to write policies that drive action, and how to use standards, baselines, guidelines, and SOPs to turn strategy into measurable outcomes.
From there, we dig into quantitative risk without the fluff. You'll hear how to compute Single Loss Expectancy and Annualized Loss Expectancy, and why ALE clarifies budget asks better than any slide deck. We contrast due care and due diligence in plain terms: patch what's critical now, and keep a repeatable process that proves you act responsibly over time. We also revisit ISC2 ethics, centering the top priority—protect society and the common good—and show how that principle shapes daily choices around audits, monitoring, and vendor assurance.
Cloud security gets its own spotlight. When penetration tests are restricted, we show how to leverage SOC 2 Type II and ISO 27001 under NDA, map those assurances to your control set and risk appetite, and close gaps with compensating controls. Along the way, we challenge common hiring myths, explore smart uses of MSPs, and show why cross-training software engineers into security often outperforms chasing more certifications. The result is a clear, actionable path from policy to practice that helps you harden faster and justify every control with data.
If you're studying for the CISSP or leading a team that needs wins now, this session brings usable strategies, not buzzwords.
(02:00): How do you calculate what a demonstration costs society? Guest: Peter Skaarup, Member of the Folketing for Danmarksdemokraterne.
(13:00): Socialdemokratiet is now proposing to change one of the party's biggest signature policies: the right to early retirement, better known as the Arne pension. Guest: Kristian Spanggaard, dock worker and the new face of the Social Democrats' pension proposal.
(30:00): Will the Olympic Truce be respected when Israel and the USA have launched an offensive against Iran just before the Paralympic Games? Guest: Asger Lind Krebs, board member of Parasport Danmark.
(38:00): We already know that the pension proposal will include expanded access to early retirement, the so-called Arne pension. Guest: Brian Weichardt, political commentator at RADIO IIII.
(46:00): What situation would it put you in as residents of Livø if there also had to be room for a departure centre there? Guest: Jesper Lynge Bergholdt, leaseholder on Livø.
Hosts: Mathias Wissing & Peter Marstal.
Pinar Ormeci, CEO of Lexful
For MSPs, documentation is essential. But it's also one of the hardest parts of running a service business. Inaccurate, outdated, or inaccessible documentation slows teams down, increases onboarding time for new technicians, and can even put service quality at risk. That's the problem Lexful is aiming to solve with a new approach. In this episode, we sit down with Pinar Ormeci, CEO of Lexful, to discuss the company's new AI-native platform built specifically for managed service providers. Pinar explains how Lexful uses artificial intelligence to capture and organize MSP best practices in real time, making documentation not just a compliance task, but a practical tool that drives efficiency and reduces errors. We also dive into some of the challenges MSPs face when adopting AI tools — like ensuring sensitive client data stays secure and meets regulatory or geographic requirements — and how Lexful addresses these concerns with flexible data residency options. Plus, Pinar shares her thoughts on global expansion, including the Canadian MSP market, and what makes Lexful different from traditional IT documentation tools. Whether you're looking for ways to improve operational efficiency, reduce technician burnout, or future-proof your MSP business with AI, this conversation offers practical insights and a glimpse at where documentation technology is heading. Tune in to hear Pinar Ormeci explain how AI can transform the way MSPs capture, store, and use the knowledge that keeps their businesses running.
Hello and welcome to the ChannelBuzz.ca podcast, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and as always your host for the show. If you’re an MSP, you know that documentation is both critical and, let’s be honest, often a pain.
From onboarding new technologies to keeping client procedures up to date, maintaining clean, accurate and accessible documentation can feel like a full-time job and even then it’s rarely perfect. That’s where Lexful comes in. Founded by Pinar Ormeci, Lexful is a new AI-native platform designed specifically for managed service providers. The goal is to make documentation smarter, faster and more useful, not just for the teams doing the work today, but for future technicians, clients and partners. Think of it as giving your organization a digital brain that learns your processes, organizes your best practices and helps your team actually use the documentation you spent so long building. In today’s conversation, Pinar walks us through what makes Lexful different from traditional IT documentation tools, how the platform’s AI assistant Ask Lex works, and how MSPs can balance the need for actionable insights with security and control over sensitive client data. We also talk about global expansion, including Canada, of course, and what it takes to bring AI-powered documentation to MSPs operating in regulated markets or multiple geographies. Whether you’re curious about AI in the MSP workflow, looking for ways to improve operational efficiency, or just interested in the next wave of tools that may be shaping the channel, this episode’s full of insights from someone who’s building a platform designed for exactly that. Grab your headphones and let’s jump into a conversation with Pinar Ormeci, CEO of Lexful.
Robert Dutt: Thanks for taking the time. I appreciate you’re joining us to talk a little bit about what’s going on over at Lexful.
Pinar Ormeci: Thank you so much for having me, Robert.
Robert Dutt: You’re entering a market that MSPs already know well in terms of documentation tools.
What was it that was broken enough about the status quo, the situation, that you felt like, “Oh, it’s time to start from scratch with something brand new.”
Pinar Ormeci: Yeah, as you can imagine, everything changed with AI, with the advent of AI and the pace of doing things and how MSPs must react and are reacting to an AI-first world even today, and it’s even accelerating as we continue. So as such, we fundamentally believe that the things that worked yesterday will not work today and definitely not tomorrow, right, for the workforce that contains humans and AI agents. So we are the response to a long-standing pain point that the MSPs have when it comes to documenting what they have, finding answers and context when they need, and also having the ability to update that documentation as needed, right? So MSPs, when they’re operating, they’re going 100 miles an hour across clients, across tabs, across tools, and the last thing they need is wasting time trying to find the right answer, right network diagram, trying to see if that’s actually the latest and greatest. And usually that doesn’t happen. There’s a lot of tribal knowledge that lives in the MSPs because they honestly, at some point, stop trusting the data that they have and things start living in their minds. And that’s the reason why we exist. So yes, we are an IT documentation solution, but we are an AI-native platform that is starting with documentation and our goal is to really help MSPs move into knowledge operations, an AI operating layer, where the knowledge becomes autonomous, the outcomes become autonomous, and really the knowledge becomes a living thing.
Robert Dutt: Well, let’s start with where you’re at in that regard. From your perspective and from what you were hearing as you were building up Lexful and planning it out, what’s the real cost of bad, outdated, unfindable documentation inside an MSP’s operation?
Both in terms of operational stuff for the organization, but also in terms of ability to grow, margins of the business, the experience that technicians have, those kinds of things that are not peripheral, but not right at the center of operations.
Pinar Ormeci: Excellent question. And what we say is that MSP documentation as it stands today is really broken. And ultimately, this is an economic problem. This is not a technical problem in the sense that it costs MSPs real margin. And how does that happen? So today, documents become stale as soon as they are written. Technicians waste hours collectively trying to find the right information, and manual updates really don’t scale. So what this ends up resulting in is missed signals, right? So you don’t act when you should be acting. You don’t find answers as fast as you could. Your technicians get burned out because literally after five, ten minutes of searching and not being able to find what they need, technicians go to other technicians. So everybody’s pinging each other, disrupting. So there’s also a lot of context switching. And this results in errors where you’re trying to solve different clients’ problems. And ultimately and fundamentally, this really results in eroding client trust and churn, right? So we see this documentation problem not as a technical problem, but fundamentally an economic problem that has real impact on the bottom line of the MSPs. And also their top line, because knowledge is also critical, Robert, for AI agents, for workflows. Your AI workflow or your agentic workforce is only as strong as the data that they rely on. So if you have a bunch of unstructured data lying around across different tools and you have no clue how stale or up to date they are, your agents won’t be as useful as they could be.
So we are approaching the problem on both sides, both reducing your costs and increasing your margins, but also really preparing you for the agentic workflow and also AI-driven new revenue streams.
Robert Dutt: You’ve positioned Lexful as an AI-native platform rather than a traditional documentation tool with AI built in, strapped on, however you want to phrase that. What does that mean in practice for an MSP that’s using Lexful on a day-to-day basis as opposed to using traditional documentation tools or methodologies?
Pinar Ormeci: Sure. Legacy documentation tools were built in a different era, right? Before AI existed, they really depended on manual entry, keyword search, and they’re optimized for storage really, not to be an operational workhorse. Not for knowledge operations, where you’re able to put data to work for you 24/7. So our goal with Lexful is to move from this world of scattered docs and tribal knowledge to a unified AI-native platform that delivers the right solution to the right technician, anchored to the right context, to the right client, instantly. So this is how this looks in real life. Let’s say that you’re using a legacy documentation tool and you say, “Hey, I’m going to give Lexful a go. I want to try it.” By the way, you can have a completely free trial where you get to use the full functionality of Lexful in parallel to your existing tool. So there’s no risk. We call it migration without mayhem. So if you don’t like it, no feelings hurt. You can always continue with your existing platform. But this is how it looks. The first thing that we do is we migrate all your existing documentation. That means including your SOPs, onboarding guidelines, runbooks, what have you, your MSP-specific documentation, plus all your client assets and passwords and their documents into the Lexful schema. And while we are doing that, we transform that data into context, relationships, assets.
So everything becomes structured so that AI can operate seamlessly and securely, very fast, within the guardrails that we put. So that’s fundamentally different than bolting AI into the scattered docs that are unstructured and expecting much from that AI agent. Before we even migrate the documents, Robert, what we’ve done is we completely context-engineered an LLM model to live in the MSP space. So you have this, let’s say, AI technician now that has access to all your data. And the things that you can do with this are really amazing. So we have AI as UI, as entry point to Lexful. And what that means is you can ask natural query questions in plain English. For example, a technician can easily ask, “Hey, what’s the admin password for this client?” Or they can ask, “Hey, what devices need patching for the clients that are in the Ohio area?” Or “What should I do about it?” Or you can say, “Hey, give me a project plan for me to patch these devices and make sure you’re prioritizing them based on urgency.” Or an L1 tech who you just hired and you’re trying to onboard, instead of pinging the senior technicians all the time, they can literally go to Ask Lex, which is our AI-powered knowledge assistant, and say, “Hey, how does my MSP do onboarding? What’s the best way for me to increase my learning curve immediately? What would you propose?” Because this is an LLM now that has access to all your knowledge and is context-engineered, as I mentioned, in the MSP and all things IT.
Robert Dutt: And you mentioned data throughout that. And clearly, for Ask Lex, for the AI infrastructure to have the value that it potentially has, it has to have access to both an MSP’s most valuable data, the best practices, the procedures, the stuff that folks have developed over the however many years the business has been in place, and customer data, network diagrams and passwords, et cetera.
How are you balancing getting the most out of that and getting the most value out of Lexful with trust, security, control, all those kinds of things that MSPs and rightly customers are going to be asking about?
Pinar Ormeci: Yeah, 100%. And that’s why vibe coding is not going to work for any production-grade solution, but also definitely for MSPs, where you have multi-tenancy, security is of utmost importance. You have all these compliances and regulations and all of that, right? So you have to have a real MSP-grade solution. So in our case, obviously, we are handling really sensitive data, the client’s data, and also passwords, right? As a documentation tool, we have password management as part of that, a rich document creator and asset management. So it’s as sensitive as it gets. What we do is zero-trust security from day one. So Robert, I was the CEO of another MSP-first vendor before I joined Lexful, and what we did was Secure Access Service Edge, which is a SASE solution, right? So I’m so security-first because I’ve seen firsthand all the horrible consequences when security is optional. Security is a must-have. It has to belong in an MSP stack, and MSPs actually shouldn’t even deal with clients if the client says, “Oh, security is optional for me.” So I am very, very security-first. So from day one, what we’ve done at Lexful is we said that we’re going to be SOC 2 Type 2 compliant. So the whole thing that we’re building is built in that framework. We are already in SOC 2 audit, by the way, so hopefully we’ll get the SOC 2 Type 2 compliance. That’s the earliest you can get, by the way, as a young company, by the end of this half. Yeah, so we have a never trust, always verify framework, and we do take it very seriously.
Robert Dutt: And similar issue, but from a different point of view, many MSPs, especially those outside the US, care about where data lives or even is in transit, or are required by regulation to care about where data lives or is in transit, whether that’s in-country, region-specific, or even locked down to the level of on-prem. I guess, how are you guys thinking about data residency and deployment flexibility as you scale and as your customer base scales?
Pinar Ormeci: Oh, yeah, 100%. So as part of the SOC 2 Type 2, we are GDPR compliant. We are California CCPA compliant. So from a data residency perspective, similarly, we use AWS because we’re a global cloud-native platform. So we have data centers in the US, but also in Europe, in Canada, in Australia. So based on need, we have no problems having data centers locally in the region the MSP resides.
Robert Dutt: You touched on this a little bit earlier, but I think for a lot of MSPs who are changing something like a documentation system that’s core to the business, it feels like there’s a risk there. Even if you see potential benefits, there’s also the challenge of leaving familiar systems, even if they aren’t your favorite things in the world. Can you elaborate a little bit on how you guys approach migration and early adoption so that partners can evaluate Lexful and still keep the business running at the same time? You touched on kind of having that parallel migration path. How exactly does that look for an MSP?
Pinar Ormeci: Oh, yeah. As an operational tool, you cannot disrupt the MSP operations. That’s fundamental. So that’s why we say migration without mayhem, and it’s actually one of our core features. The other thing is we are very API-first, meaning even the product that we built is built on APIs. Our front end and back end are decoupled. Everything we do is via APIs. We have a RESTful API already out there for the MSPs to utilize.
And for the migration as well, we have an API that automates the migration from an existing tool into the Lexful schema. But while we do that, we also have the MSP continue to use their existing tool while we bring that knowledge into Lexful. And then in that two-week trial, the MSP can use both platforms at the same time, really make sure all that data is there. They can validate that everything is to their liking and all of that. And at the end of that trial, if they continue to move with Lexful, then they can let go of their existing tool. So yeah, migration is very important. And like I say, we automate the migration to the extent possible using the API. Of course, migration is not trivial in any tool, let alone a documentation tool, especially if the MSP has so much documentation. So we always suggest, do this after Friday. Your workday is over, or during the weekend. So just don’t do it Monday 9 AM, just in case, because it might take one hour, two hours or whatever. But having said that, hopefully the migration is the easiest part of switching to Lexful. Robert Dutt: You’re working with AWS. I think you’re thinking on sort of a global scale, and why wouldn’t you, since it’s all online, it’s all technology. But as you think about global expansion, and I’m going to be biased here and say Canada in particular since that’s where this audience lives, how are you thinking about global focus? And also, I’m curious, as you’re talking to MSPs, what differences do you see in how MSPs think about and approach documentation, compliance, AI across the various regions that you’re talking to partners in? Pinar Ormeci: I think Canadian MSPs are pretty amazing and very innovation-forward. They’re definitely thinking about AI, their clients. They’re not that different from the North American ones, obviously. So we have very mature MSPs in Canada. 
And I don’t see massive differences when it comes to Canadian MSPs versus American MSPs, honestly, because the level of maturity in both countries is similar. So from a distribution perspective, we want to go wherever the pain points exist today when it comes to knowledge and documentation. And that is literally everywhere, right, Robert? So we are a global player and we also want to make it easy for the MSPs to get access to Lexful. We are working with Sherweb, we are working with Pax8. So the hope is that we will be part of those marketplaces definitely within this year. So by the way, a lot of our developers are in Vancouver. So we have great ties to Canada. I’m actually flying on Sunday to Vancouver for some internal meetings next week. So from our perspective, everything we do, everything we envision, our vision, we are a global player. We want to be the de facto central intelligence layer the MSPs trust for years to come. Robert Dutt: And along those lines, kind of looking forward, for an MSP who comes on board early days, as you guys are launching, how do you hope their business looks different a year from now after they’ve fully realized what you guys are doing and what you guys will do with Lexful over the course of that year? Pinar Ormeci: Yeah, excellent question. So we are a paradigm shift. I really see us, remember those days, for people who are old enough, like we used to have no internet, man. Like we used to have encyclopedias and the books, and like, my background is in engineering, I’m an electrical engineer. If I didn’t know something, I had to go open a book and like, it was these weird times without the internet. And then suddenly there was the internet, where this collective information and you can search for anything and, you know, then Google and so on. So that’s the paradigm shift that we are trying to bring the MSPs into. Instead of manual keyword-based search, manual updates and so on, now you live in that knowledge. 
Knowledge is always up to date. You do in-context troubleshooting. The technicians, they can be in co-pilot, they can be in their PSA, they can be in their Teams and they can just ask Lex to get the right answer contextually. The next steps, and then whatever is new discovered in that discussion is automatically detected if there is a gap and then trickled down to the right SOP, right KB. So this is the paradigm shift that we are talking about, so that MSPs can focus on not the mundane, like, “Hey, we need to update this document,” try to incentivize technicians on actually what makes the money, what delights their customers. They can be so much more strategic with their clients because just imagine now all the insights you can bubble up utilizing an AI and LLM that knows all your clients, that knows all the trends, that knows all the compliance needs. It is just a different game. So we’re really trying to bring the MSPs into an AI-first world because otherwise people will get left behind, right? The old ways don’t scale. Robert Dutt: And finally, probably the most important question we’re going to ask today, and that’s good journalistic practice, right, to wait till the very end to ask the most important question. I do have to ask though, is it true that your AI is also your channel chief? And if so, how sure are you that Lex isn’t coming for your job? Pinar Ormeci: Yeah, so I was like, you know, if you’re an AI-native company, we need to have some teammates that are not just human, but humanoid, let’s say. So we have as our channel chief a humanoid robot that has an LLM, has an NVIDIA chip. We have trained him on all the right things. Although at Right of Boom, people told me, “Oh, we thought he was a female,” but so yeah, Lex is amazing. And he is very clumsy though, so I don’t know that he’s coming after our jobs that fast. But yeah, we’re living in some amazing times. 
It’s just really fascinating as a technical person myself who’s been in the tech industry for 20-plus years. It’s fascinating to be living in these times where everything is moving exponentially. And yeah, so we do have a channel chief that is not a human. And he is with us at all the events that we go to. You can come to our booth and say hello, and then you can converse with him as well, right? Ask him like, “Hey dude, what do you think the MSP’s pain points are? Is Lex doing a good job? Is Pinar a good boss?” So he’ll have an opinion for you. Robert Dutt: All right, so flesh-and-bone channel chiefs have been put on notice. They are in fact on the list of roles that can be replaced. But jokes aside, no matter how good Lex and his AI pals get, what’s kind of the one role in all of this that you think humans will always play no matter where the technology goes? Pinar Ormeci: I think the judgment layer, at least for the, let’s say, near term, right? I honestly don’t know, 20 years… the thing is moving so fast. I keep reading Anthropic’s CEO and it’s just, things are changing a lot. But in the near term, the human judgment is still paramount. Human in the loop is paramount. And with AI, you have to always trust, but verify. So at Lexful, we make it such that we give all the reasoning the AI is doing to reach that conclusion, all the links where it’s going. So we make sure that the hallucinations, if there are any, are minimized and the humans can verify everything. So the human in the loop is ultimately critical and they are the judgment factor. And especially in the MSP channel, relationships are key. One of the things I love about the MSPs and this ecosystem is the community aspect, people helping each other. Then there’s MSPs being like, “Hey, we’re all on the same team” attitude. So I don’t think you can replace that for small, medium businesses. Ultimately, the best we can be is human. We are not AI, we are not robots. 
Humans, we’ve evolved to be social animals and community is such an important part of the MSP ecosystem. I don’t think that’s going anywhere soon. So we are here, as we say at Lexful, not to replace expertise. We’re just here to expose it to more people so that the technicians can do more important jobs other than just wasting hours documenting or finding the right information. Robert Dutt: I appreciate your taking the time. Good luck on rolling out and evolving Lexful. It will be exciting to see where things go from here. Thank you very much. Pinar Ormeci: Thank you so much. Thanks for having me. There you have it, a look at how AI may change your documentation system and maybe even provide a new business platform for your managed services business in the long run, courtesy of Lexful’s Pinar Ormeci. I’d like to thank Pinar for joining us and thank you for listening. That wraps up this week on the podcast. We’ll be back on Monday with In Case You Missed It, our weekly roundup of channel news and trends that you need to know about. And next week and into the near future, we’ll be taking a look at why modern IT environments are increasingly hard to monitor and have a chat with our frequent guest, Tony Anscombe, about the security forces you need to know about. Between now and then, please do subscribe to or follow the podcast in your podcast app of choice. And if it allows you to do so, please consider leaving a review or rating for the show. Have a great weekend. I’m Robert Dutt for ChannelBuzz.ca and I’ll see you around the channel.
On Call with Insignia Ventures with Yinglan Tan and Paulo Joquino
In the crowded landscape of AI workflow automation, Diaflow has carved out a distinctive position by prioritizing what enterprise customers care about most: security, compliance, and trust. After years of building custom enterprise software and witnessing firsthand how traditional automation failed to deliver on its promises, founder Jonathan Viet Pham and his co-founders launched Diaflow in September 2023 with a different approach—an AI-native platform that's both powerful and accessible without coding expertise. The results surprised even the founding team: within weeks, the platform ranked number one on Product Hunt and attracted over 10,000 users, with unexpected traction in the competitive US market. In this conversation, Viet discusses how Diaflow differentiates through enterprise-grade compliance standards, the evolution toward a hybrid pricing model, the company's community-first strategy including free university access, and how Insignia Ventures Partners' seed investment is accelerating both technological innovation and global expansion into Southeast Asia and beyond.

About Our Guest

Jonathan Viet Pham is the Founder and CEO of Diaflow, an AI-native workflow automation platform that enables businesses to deploy powerful AI agents without extensive coding knowledge. Based in the San Francisco Bay Area, Jonathan brings a unique blend of finance and technology expertise to his role. His family developed Vietnam's first dictionary, which was sold to Apple in 2014, instilling in him an early appreciation for product development. After studying finance at Lucerne University of Applied Sciences and Arts in Switzerland, Viet founded his first global startup in 2017, expanding it to five countries before the COVID-19 pandemic forced a pivot.

From 2020 to 2023, Jonathan served as Managing Partner at Devtify Technologies, where he led digital transformation consultancy and implementation for over 50 global clients across the Financial Services Industry and Digital Retail sectors in the US and Vietnam. His client portfolio included major brands such as TheFaceShop Vietnam, BeautyBox, Reebok Vietnam, and Techcombank, achieving seven-figure annual revenue. He also founded Artcific, a digital platform connecting artists and galleries that attracted 20,000 daily visitors, and co-founded Calioo Technologies, an online marketplace for bakeries and eateries in Hong Kong.

In September 2023, Jonathan co-founded Diaflow with his long-time collaborators Lai Pham (Co-founder and CTO) and Anh Doan (Co-founder and CISO), a team that has worked together for over seven years. Under his leadership, Diaflow has achieved significant milestones including ranking number one on Product Hunt, attracting over 10,000 users globally, and securing full compliance with HIPAA Type II, SOC 2 Type I, and GDPR standards. The company raised a seed round led by Insignia Ventures Partners in 2025, positioning it for continued global expansion and technological innovation in the AI workflow automation space.

Directed by Paulo Joquiño
Produced by Paulo Joquiño
Follow us on LinkedIn for more updates

The content of this podcast is for informational purposes only, should not be taken as legal, tax, or business advice or be used to evaluate any investment or security, and is not directed at any investors or potential investors in any Insignia Ventures fund. Any and all opinions shared in this episode are solely personal thoughts and reflections of the guest and the host.
⬥EPISODE NOTES⬥ The security operations center has always been a battleground of volume, velocity, and human endurance. Analysts have long faced the impossible math of too many alerts, too few hours, and too much at stake. For years, the industry promised automation would change that equation -- but the technology was never quite ready to deliver. That moment, according to Richard Stiennon, has now arrived. Stiennon, Chief Research Analyst at IT-Harvest, has spent two decades tracking every corner of the cybersecurity vendor landscape. His data now shows more than 61 net-new SOC automation vendors -- companies that did not exist a few years ago -- built from the ground up to replace the work of tier-one, tier-two, and tier-three analysts. Some of these vendors launched in January 2024 and reached $1 million in ARR by April. By the end of 2025, several were reporting $3 million ARR. These are not incremental improvements. They represent a structural shift in how security operations can be run. What makes this generation of SOC automation different from earlier SIEM and SOAR tooling is scope and autonomy. The value proposition is blunt: 100% alert triage, 24 hours a day, 7 days a week -- with automated case building, threat investigation, and response actions including machine isolation and reimaging. Stiennon points to a CISO he met, speaking under Chatham House rules, who disclosed that a large enterprise had already eliminated its entire human SOC team. He predicts that disclosure will go public before long. The conversation also explores the business context question that security leaders frequently wrestle with: are these AI-driven SOC tools operating with a narrow cyber mandate, potentially optimizing for security metrics at the expense of business continuity? 
Stiennon pushes back on that concern, arguing that large language models are already trained on the full breadth of human knowledge -- they understand business context at a level that exceeds most organizations' internal documentation. The more pressing risk, he suggests, is not that AI will act outside business intent, but that organizations will move too slowly to benefit. Waiting six months for a proof-of-concept report while spending a million dollars on human SOC operations is not due diligence -- it is opportunity cost. The conversation also touches on data privacy in AI-driven security, the role of federated learning and fully homomorphic encryption for compliance-sensitive environments, and what security leaders can do today to evaluate and accelerate their own adoption timeline. Stiennon will be at RSA Conference 2026 with his new book, Guardians of the Machine Age: Why AI Security Will Define Digital Defense, continuing to make the case for a field that is moving faster than most organizations are prepared to acknowledge. 
⬥GUEST⬥
Richard Stiennon, Chief Research Analyst at IT-Harvest | Website: https://it-harvest.com/
On LinkedIn: https://www.linkedin.com/in/stiennon/

⬥HOST⬥
Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/

⬥RESOURCES⬥
IT-Harvest | https://it-harvest.com/
Richard Stiennon on LinkedIn | https://www.linkedin.com/in/stiennon/
Guardians of the Machine Age: Why AI Security Will Define Digital Defense (Richard Stiennon) | Available via IT-Harvest and major booksellers
RSAC Conference 2026 Coverage on ITSPmagazine | https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage
The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/
More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast
Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq

⬥ADDITIONAL INFORMATION⬥
On Podcast: https://www.seanmartin.com/redefining-cybersecurity-podcast
On YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
Newsletter: https://itspm.ag/future-of-cybersecurity
Contact Sean: https://www.seanmartin.com/

⬥KEYWORDS⬥
richard stiennon, it-harvest, sean martin, soc automation, ai security, security operations center, threat detection, autonomous response, alert triage, security operations, cybersecurity vendors, ai agents, large language models, federated learning, siem, soar, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
Open-source intelligence (OSINT) isn't just for threat actors ... it's a powerful advantage for SOC teams too. In this episode, we break down how publicly available data can help you uncover exposed assets, detect vulnerabilities early, and shrink your attack surface before attackers do.
Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
In this episode of The Quality Hub: Chatting with ISO Experts, Xavier Francis interviews Beau Butaud of Render Compliance to break down what SOC 2 is, who it's for, and whether it's worth pursuing. They discuss how SOC 2 serves as a third-party audit that builds trust between B2B companies handling sensitive data, explain the five Trust Services Criteria with a focus on security, and clarify the differences between SOC 2 Type 1 and Type 2 reports. The conversation also compares SOC 2 to ISO 27001, outlines typical costs and annual renewal expectations, and offers practical advice for organizations considering certification, emphasizing the importance of planning, proper scoping, and working with experienced professionals. Helpful Resources: Beau Butaud - Email: beau@rendercompliance.com, Website: rendercompliance.com, LinkedIn: https://www.linkedin.com/in/beaubutaud/ SOC 2 Compliance: https://www.thecoresolution.com/soc-2-compliance For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com A Plethora of Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting
Sumo Logic's VP of Security Strategy reveals how a ground-up agentic framework transformed their platform, and why clean data and autonomous agents are rewriting the rules of cloud security.

Topics Include:
Sumo Logic is a cloud analytics platform ingesting data from complex IT stacks.
Built on AWS from the start, leveraging microservices for scalable solutions.
Early AI efforts produced a natural language query co-pilot for security data.
Bolting AI onto existing platforms proved brittle and one-dimensional.
Customer feedback drove a decision to redesign AI from the ground up.
The Dojo AI framework unifies purpose-built agents across the entire platform.
New agents include a SOC analyst agent, knowledge agent, and MCP server.
New frontier models on Bedrock give the whole platform an instant brain transplant.
Autonomous agents require rethinking security controls beyond traditional programmatic guardrails.
Federal and global customers demand rigorous, levelled-up security across all regions.
Clean, normalized data proved the biggest unlock for reliable AI query results.
Agent-to-agent communication and MCP will define the next era of AI platforms.

Participants:
Chas Clawson – Vice President, Security Strategy, Sumo Logic

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/
Presented by Lionel, La Zic dans la Soc gives full space to music from around the world and of every genre, to talk about its influence on society. Originally from Côte d'Ivoire, the drummer Biguy Melindji has accompanied artists such as Alpha Blondy, Tiken Jah Fakoly, Mory Kanté, Papa Wemba, … Wanting to share his love of pop rock music and blend his roots into it, he created a new instrument: the "Battrady" (a drum kit made of African percussion). This dealer of happiness and good cheer brings cultures and languages into dialogue in the Afrorok project, with compositions sung in Baoulé (his mother tongue), French and English. Hosted by Ausha. Visit ausha.co/politique-de-confidentialite for more information.
Dell Technologies introduces the Dell PowerEdge XR9700 server, a first-of-its-kind closed-loop liquid-cooled, fully-enclosed, ruggedised server engineered to run Cloud RAN and edge AI workloads in unprotected outdoor environments. Designed to mount on utility poles, rooftops and building exteriors, the PowerEdge XR9700 brings high-performance computing into dense urban areas, remote locations, and space-constrained facilities where traditional data centre infrastructure cannot reach.

Why it matters

Telecommunications operators and those working at the edge often struggle to deploy compute due to a lack of power and space. The PowerEdge XR9700 solves this, delivering high-performance compute directly at the point of need in an ultra-compact, zero-footprint IP66-rated enclosure that's sealed from the elements. For telecommunications operators, it provides a flexible, software-defined alternative to traditional RAN solutions, supporting Cloud RAN and Open RAN processing at the cell site. At the same time, the platform can run edge and AI applications directly where data is created and consumed.

Built for Extreme Conditions

Designed to withstand the harshest environments, this platform's ultra-compact IP66-rated enclosure and GR-3108 Class 4 certification deliver reliable, quiet performance in environments exposed to extreme temperatures, dust, and moisture. Closed-loop liquid cooling with a thermal management architecture maintains consistent operation across a temperature range of -40°C to 46°C (-40°F to 115°F) and withstands direct solar radiation, all in a compact 15-litre form factor suitable for mounting on utility poles, rooftops and building sides. This zero-footprint design brings telecom and edge workloads to locations where only traditional radio solutions could previously operate.

Performance that Scales

Powered by the Intel Xeon 6 SoC with integrated Intel vRAN Boost technology and Intel AMX technology, the PowerEdge XR9700 delivers the processing power and fronthaul connectivity to support up to 15 5G sectors in a single server. While optimised for Cloud RAN, the platform's flexibility allows operators to run edge and AI workloads based on network architecture and service requirements. As part of the Dell PowerEdge XR-Series, the XR9700 integrates with Dell's existing management tools and software stack. Integrated Dell Remote Access Controller (iDRAC) provides remote visibility and control for zero-touch provisioning (ZTP), while compatibility with the same Cloud RAN software validated on the PowerEdge XR8720t simplifies certification and accelerates telecom deployments.

Andrew Vaz, vice president, Dell Technologies: "Operators and enterprises shouldn't have to compromise when deploying compute in challenging environments. The Dell PowerEdge XR9700 brings Cloud RAN, Open RAN, and edge AI capabilities to places they've never been able to go before, opening up new possibilities for network expansion and edge applications."

Cristina Rodriguez, VP and General Manager, Intel Network & Edge, said: "Intel Xeon 6 SoC processors are built to deliver market-leading performance with breakthrough power- and space-efficiency. Through long-standing collaboration with Dell – including the newest PowerEdge servers – together, we're empowering operators and enterprises alike to access the power of open, virtualised, and AI-driven innovations for their most challenging environments. This represents a significant step forward in making 5G and edge computing truly ubiquitous."

Rakuten Mobile, as one of the launch customers, will deploy the Dell PowerEdge across its nationwide mobile network in Japan.
Sudhakar Pandney, Head of RAN, Rakuten Mobile, said: "The relationship with Dell Technologies is key for Rakuten Mobile's virtualised Open RAN cloud-native infrastructure in Japan. Their new server solution will significantly enhance the efficiency and performance of our high-performance Cloud RAN and AI capabilities, particularly in c...
John Hammond was a kid who Googled "how to become a hacker" and took it seriously. He learned Python, found his way into the Coast Guard Academy, and remembers squaring down a stairwell at two in the morning - rigid military posture, full indoctrination protocol - vibrating with excitement because he was about to sit next to smart people and solve security problems for a living. That visceral, middle-of-the-night certainty became the foundation of everything that followed.

Today he's a principal security researcher on the Adversary Tactics team at Huntress, employee number twenty-eight at a company that's now over six hundred people. He's also one of the most recognized cybersecurity educators on the internet, producing hour-long exploit deep dives on YouTube that get more genuine engagement than most vendors' entire content budgets combined.

In this episode, John talks about why the cybersecurity industry is stuck on a treadmill it may never get off and whether the business model actually depends on that treadmill keeping pace.

He explains why Huntress is deliberately slow about integrating AI into their human-led SOC and why that uncertainty is more credible than the confident claims coming from thousands of other cybersecurity vendors in the space.

We also get into territory that most cybersecurity conversations gloss over.

John makes the case that the security awareness gap isn't informational - the information exists, he's made it free on YouTube - it's motivational, and most training programs are built around what the security team thinks is important rather than what the end user actually cares about.

He talks about why checklists function as a ceiling on curiosity, and why the discoveries that actually matter are the ones that never make it onto the procedure document.

And he gets real about burnout - the arc from obsessive passion to unsustainable output that the industry celebrates in keynotes and ignores in its operational expectations.

There's a moment near the end where I asked him to describe Huntress in three words and he gave me an internal mantra - ethical badasses - that says more about how the company thinks about culture as a competitive weapon than any mission statement ever could.

This is a conversation about what happens when someone who never optimized for credibility becomes one of the most credible voices in the room.

Listen and enjoy.

A special thanks to our friends at Huntress for partnering with us to tell this story.

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit audience1st.substack.com
Aleksandr Yampolskiy was doing everything right. He had the tools, the budget, the processes - the full security stack humming along at the e-commerce company where he served as CISO. Then one routine vendor integration blew the whole thing open. Unencrypted credit card data from other customers, just sitting there, inside a platform that had been rubber-stamped by a Big Four firm. In that moment, he realized something most security leaders spend their careers trying not to think about: you can do everything right and still lose your job because someone else didn't.
That scar became SecurityScorecard.
But here's where the story gets interesting. When Aleksandr, or AY - as he introduced himself when joining me in my studio - started telling people in 2013 that he wanted to quantify cyber risk the same way credit scores quantify financial risk, nobody was excited. The reactions ranged from "that's impossible" to a polite shrug. Most founders would have taken that as a signal to pivot. Alex took it as proof he was early enough to matter.
In this episode, we go deep. We talk about why the status quo, not a named competitor, is the most dangerous thing your sales team will ever face. AY tells the story of twenty buyers who all said "I love it, I'll buy it" and then every single one of them disappeared when he came back with the finished product. (Oh, how I resonate deeply with this pain.)
He explains how a pediatrician named Dr. Virginia Apgar, who saved tens of thousands of newborns with a simple scoring system, became the intellectual blueprint for how Security Scorecard thinks about risk. And he gets honest about hiring decisions that went wrong because he ignored a gut feeling he couldn't quite articulate at the time.
We also get into territory that most cybersecurity podcasts don't touch. AY talks about boards adopting AI to impress Wall Street while CISOs scramble to secure shadow deployments nobody authorized. He walks through why 150 companies control ninety percent of the global attack surface and what that means for everyone else. He makes the case that quantum computing will be a Y2K-scale migration problem much sooner than the industry wants to admit. And he shares a question from his company advisor that I think every GTM leader needs to sit with: Who do you want your customers to become?
This is a conversation about how a scientist thinks about risk, why the language gap between the SOC and the boardroom is an actual vulnerability, and what it really takes to build something that changes how an industry operates.
Listen in and enjoy.
A special thanks to our friends at SecurityScorecard for partnering with us to tell this story. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit audience1st.substack.com
Cameron and Gabe sit down with Girish Redekar, co-founder and CEO of Sprinto, to pull back the curtain on one of the most misunderstood areas of security: compliance.
Girish built his first startup, RecruiterBox, to 3,500 customers before selling it, and it was the painful, expensive, duct-taped compliance process he experienced firsthand that sparked the idea for Sprinto. Today, Sprinto helps companies move beyond point-in-time audits into something far more valuable: continuous, autonomous trust.
In this episode, we dig into:
- Why passing a SOC 2 or ISO 27001 audit doesn't mean you're actually secure
- The three stages of compliance maturity — and how to climb them
- What "compliance debt" is and why it's quietly eating your business
- How smart CISOs use their security posture as a revenue driver, not a back-office cost center
- The "$100/month" challenge: what actually moves the needle for startups
- How AI is reshaping compliance programs — for better or worse
- Why Girish spent over a year talking to customers before writing a single line of code
Plus: the "sell more jeans" framework every CISO should know, Rich Hickey, The Mom Test, and the toilet paper question.
AI just found hundreds of high-severity vulnerabilities hiding in open source, and the market flinched. We dig into what Anthropic's Claude Code Security actually means for security teams, why vendors like CrowdStrike and Okta aren't going away, and how the real change lands on roles, workflows, and the skills you need next. From CI/CD integration to vulnerability discovery at scale, we frame where general models augment specialized tools and where human expertise still anchors the stack.
We also get tactical with five CISSP-style AI questions designed to sharpen your instincts. You'll learn how adversaries reverse engineer decision boundaries to drive up false negatives, what adversarial examples look like in practice, and why adversarial training matters. We break down indirect prompt injection—how a crafted document can hijack an LLM to exfiltrate session data—and outline guardrails that actually reduce risk. Then we map AI risk using NIST's AI RMF, focusing on the Measure function to evaluate potential harms to protected classes, and we unpack why federated learning still faces privacy leakage through gradient updates without differential privacy and secure aggregation.
If you're in a SOC or building AppSec pipelines, this conversation gives you a blueprint to adapt: automate tier one triage, monitor for model drift, add OOD detection, and treat your models like code with tests, reviews, and rollbacks. If you're planning your career, we share concrete pivot paths into detection engineering with ML, AI governance, and assurance. Want more hands-on practice and mentorship to pass the CISSP the first time and future-proof your skills? Subscribe, share this with a teammate, and leave a review with the next AI topic you want us to tackle.
Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! 
Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
Oil and gas companies generate enormous volumes of operational, geological, and production data. Despite this abundance, much of that data remains fragmented, inconsistent, and difficult to trust. Teams often spend a significant portion of their time preparing datasets rather than analyzing them. The result is delayed decision-making, inflated costs, and reduced operational agility. The core complication lies in data quality, data governance, and data readiness. Duplicate records, null values, drift, and structural inconsistencies make it difficult to move quickly from raw data to actionable insight. Asset teams frequently work semi-independently, each rebuilding transformation processes from scratch. Without reliable data foundations, scaling analytics, automation, or advanced modelling becomes difficult and costly. In this episode, I'm in conversation with Shravan Gunda, CEO of Kaarvi, to discuss how a structured approach to data ingestion, anomaly detection, ETL transformation, and data lineage can reduce time-to-insight from weeks to hours. He outlines how upstream teams can standardize workflows, support governance requirements such as SOC 2, and deploy platforms either on-premises or via SaaS. Clean, trusted data is a prerequisite for accelerating analytics and enabling more advanced digital capabilities.
This episode of the #SOCBrief goes beyond day-to-day cybersecurity news and dives into what SOC success actually looks like from the leadership side. Andrew and CISO Jonathan Kimmitt discuss how SOC teams can communicate risk, create meaningful deliverables, use metrics effectively, and gain leadership buy-in for security decisions.
From risk profiles to reporting and real-world decision making, this episode focuses on turning SOC activity into measurable organizational value.
AI can categorize images, analyze logs, and surface patterns faster than any human ever could, but it doesn't understand context, legality, or nuance. In this episode, we discuss how AI is transforming criminal forensics and SOC investigations while examining the ethical, legal, and operational guardrails that must stay in place. As organizations adopt more AI-driven tools, the real challenge isn't capability ... it's maintaining responsible human control.
In this episode, hosts Lois Houston and Nikita Abraham are joined by special guests Samvit Mishra and Rashmi Panda for an in-depth discussion on security and migration with Oracle Database@AWS. Samvit shares essential security best practices, compliance guidance, and data protection mechanisms to safeguard Oracle databases in AWS, while Rashmi walks through Oracle's powerful Zero-Downtime Migration (ZDM) tool, explaining how to achieve seamless, reliable migrations with minimal disruption.
Oracle Database@AWS Architect Professional: https://mylearn.oracle.com/ou/course/oracle-databaseaws-architect-professional/155574
Oracle University Learning Community: https://education.oracle.com/ou-community
LinkedIn: https://www.linkedin.com/showcase/oracle-university/
X: https://x.com/Oracle_Edu
Special thanks to Arijit Ghosh, Anna Hulkower, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode.
-------------------------------------------------------------
Episode Transcript:
00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started!
00:26 Nikita: Welcome to the Oracle University Podcast! I'm Nikita Abraham, Team Lead: Editorial Services with Oracle University, and with me is Lois Houston, Director of Communications and Adoption with Customer Success Services.
Lois: Hello again! We're continuing our discussion on Oracle Database@AWS and in today's episode, we're going to talk about the aspects of security and migration with two special guests: Samvit Mishra and Rashmi Panda. Samvit is a Senior Manager and Rashmi is a Senior Principal Database Instructor.
00:59 Nikita: Hi Samvit and Rashmi! Samvit, let's begin with you. What are the recommended security best practices and data protection mechanisms for Oracle Database@AWS?
Samvit: Instead of everyone using the root account, which has full access, we create individual users with AWS, IAM, Identity Center, or IAM service. And in addition, you must use multi-factor authentication. So basically, as an example, you need a password and a temporary code from virtual MFA app to log in to the console. Always use SSL or TLS to communicate with AWS services. This ensures data in transit is encrypted. Without TLS, the sensitive information like credentials or database queries can be intercepted. AWS CloudTrail records every action taken in your AWS account-- who did what, when, and from where. This helps with audit, troubleshooting, and detecting suspicious activity. So you must set up API and user activity logging with AWS CloudTrail. Use AWS encryption solutions along with all default security controls within AWS services. To store and manage keys by using transparent data encryption, which is enabled by default, Oracle Database@AWS uses OCI vaults. Currently, Oracle Database@AWS doesn't support the AWS Key Management Service. You should also use advanced managed security services such as Amazon Macie, which assists in discovering and securing sensitive data that is stored in Amazon S3.
03:08 Lois: And how does Oracle Database@AWS deliver strong security and compliance?
Samvit: Oracle Database@AWS enforces transparent data encryption for all data at rest, ensuring stored information is always protected. Data in transit is secured using SSL and Native Network Encryption, providing end-to-end confidentiality. Oracle Database@AWS also uses OCI Vault for centralized and secure key management. This allows organizations to manage encryption keys with fine-grained control, rotation policies, and audit capabilities to ensure compliance with regulatory standards. At the database level, Oracle Database@AWS supports unified auditing and fine-grained auditing to track user activity and sensitive operations. 
At the resource level, AWS CloudTrail and OCI audit service provide comprehensive visibility into API calls and configuration changes. At the database level, security is enforced using database access control lists and Database Firewall to restrict unauthorized connections. At the VPC level, network ACLs and security groups provide layered network isolation and access control. Again, at the database level, Oracle Database@AWS enforces access controls to Database Vault, Virtual Private Database, and row-level security to prevent unauthorized access to sensitive data. And at a resource level, AWS IAM policies, groups, and roles manage user permissions with the fine-grained control.
05:27 Lois: Samvit, what steps should users be taking to keep their databases secure?
Samvit: Security is not a single feature but a layered approach covering user access, permissions, encryption, patching, and monitoring. The first step is controlling who can access your database and how they connect. At the user level, strong password policies ensure only authorized users can log in. And at the network level, private subnets and network security group allow you to isolate database traffic and restrict access to trusted applications only. One of the most critical risks is accidental or unauthorized deletion of database resources. To mitigate this, grant delete permissions only to a minimal set of administrators. This reduces the risk of downtime caused by human error or malicious activity. Encryption ensures that even if the data is exposed, it cannot be read. By default, all databases in OCI are encrypted using transparent data encryption. For migrated databases, you must verify encryption is enabled and active. Best practice is to rotate the transparent data encryption master key every 90 days or less to maintain compliance and limit exposure in case of key compromise. Unpatched databases are one of the most common entry points for attackers. 
Always apply Oracle critical patch updates on schedule. This mitigates known vulnerabilities and ensures your environment remains protected against emerging threats.
07:33 Nikita: Beyond what users can do, are there any built-in features or tools from Oracle that really help with database security?
Samvit: Beyond the basics, Oracle provides powerful database security tools. Features like data masking allow you to protect sensitive information in non-production environments. Auditing helps you monitor database activity and detect anomalies or unauthorized access. Oracle Data Safe is a managed service that takes database security to the next level. It can access your database configuration for weaknesses. It can also detect risky user accounts and privileges, identify and classify sensitive data. It can also implement controls such as masking to protect that data. And it can also continuously audit user activity to ensure compliance and accountability. Now, transparent data encryption enables you to encrypt sensitive data that you store in tables and tablespaces. It also enables you to encrypt database backups. After the data is encrypted, this data is transparently decrypted for authorized users or applications when they access that data. You can configure OCI Vault as a part of the transparent data encryption implementation. This enables you to centrally manage keystore in your enterprise. So OCI Vault gives centralized control over encryption keys, including key rotation and customer managed keys.
09:23 Lois: So obviously, lots of companies have to follow strict regulations. How does Oracle Database@AWS help customers with compliance?
Samvit: Oracle Database@AWS has achieved a broad and rigorous set of compliance certifications. The service supports SOC 1, SOC 2, and SOC 3, as well as HIPAA for health care data protection. If we talk about SOC 1, that basically covers internal controls for financial statements and reporting. 
SOC 2 covers internal controls for security, confidentiality, processing integrity, privacy, and availability. SOC 3 covers SOC 2 results tailored for a general audience. And HIPAA is a federal law that protects patients' health information and ensures its confidentiality, integrity, and availability. It also holds certifications and attestations such as CSA STAR, C5. Now C5 is a German government standard that verifies cloud providers meet strict security and compliance requirements. CSA STAR attestation is an independent third-party audit of cloud security controls. CSA STAR certification also validates a cloud provider's security posture against CSA's cloud controls matrix. And HDS is a French certification that ensures cloud providers meet stringent requirements for hosting and protecting health care data. Oracle Database@AWS also holds ISO and IEC standards. You can also see PCI DSS, which is basically for payment card security and HITRUST, which is for high assurance health care framework. So, these certifications ensure that Oracle Database@AWS not only adheres to best practices in security and privacy, but also provides customers with assurance that their workloads align with globally recognized compliance regimes.
11:47 Nikita: Thank you, Samvit. Now Rashmi, can you walk us through Oracle's migration solution that helps teams move to OCI Database Services?
Rashmi: Oracle Zero-Downtime Migration is a robust and flexible end-to-end database migration solution that can completely automate and streamline the migration of Oracle databases. With bare minimum inputs from you, it can orchestrate and execute the entire migration task, virtually needing no manual effort from you. And the best part is you can use this tool for free to migrate your source Oracle databases to OCI Oracle Database Services faster and reliably, eliminating the chances of human errors. You can migrate individual databases or migrate an entire fleet of databases in parallel. 
12:34 Nikita: Ok. For someone planning a migration with ZDM, are there any key points they should keep in mind?
Rashmi: When migrating using ZDM, your source databases may require minimal downtime up to 15 minutes or no downtime at all, depending upon the scenario. It is built with the principles of Oracle maximum availability architecture and leverages technologies like Oracle GoldenGate and Oracle Data Guard to achieve high availability and online migration workflow using Oracle migration methods like RMAN, Data Pump, and Database Links. Depending on the migration requirement, ZDM provides different migration method options. It can be logical or physical migration in an online or offline mode. Under the hood, it utilizes the different database migration technologies to perform the migration.
13:23 Lois: Can you give us an example of this?
Rashmi: When you are migrating a mission critical production database, you can use the logical online migration method. And when you are migrating a development database, you can simply choose the physical offline migration method. As part of the migration job, you can perform database upgrades or convert your database to multitenant architecture. ZDM offers greater flexibility and automation in performing the database migration. You can customize workflow by adding pre or postrun scripts as part of the workflow. Run prechecks to check for possible failures that may arise during migration and fix them. Audit migration jobs activity and user actions. Control the execution like schedule a job pause, resume, if needed, suspend and resume the job, schedule the job or terminate a running job. You can even rerun a job from failure point and other such capabilities.
14:13 Lois: And what kind of migration scenarios does ZDM support?
Rashmi: The minimum version of your source Oracle Database must be 11.2.0.4 and above. For lower versions, you will have to first upgrade to at least 11.2.0.4. 
You can migrate Oracle databases that may be of the Standard or Enterprise edition. ZDM supports migration of Oracle databases, which may be a single-instance, or RAC One Node, or RAC databases. It can migrate on Unix platforms like Linux, Oracle Solaris, and AIX. For Oracle databases on AIX and Oracle Solaris platform, ZDM uses logical migration method. But if the source platform is Linux, it can use both physical and logical migration method. You can use ZDM to migrate databases that may be on premises, or in third-party cloud, or even within Oracle Cloud Infrastructure. ZDM leverages Oracle technologies like RMAN, Data Pump, Database Links, Data Guard, Oracle GoldenGate when choosing a specific migration workflow.
15:15 Are you ready to revolutionize the way you work? Discover a wide range of Oracle AI Database courses that help you master the latest AI-powered tools and boost your career prospects. Start learning today at mylearn.oracle.com.
15:35 Nikita: Welcome back! Rashmi, before someone starts using ZDM, is there any prep work they should do or things they need to set up first?
Rashmi: Working with ZDM needs a few simple configurations. Zero-downtime migration provides a command line interface to run your migration job. First, you have to download the ZDM binary, preferably download from My Oracle Support, where you can get the binary with the latest updates. Set up and configure the binary by following the instructions available at the same invoice node. The host in which ZDM is installed and configured is called the zero-downtime migration service host. The host has to be Oracle Linux version 7 or 8, or it can be RCL 8. Next is the orchestration step where connection to the source and target is configured and tested like SSH configuration with source and target, opening the ports in respective destinations, creation of dump destination, granting required database privileges. 
Prepare the response file with parameter values that define the workflow that ZDM should use during Oracle Database migration. You can also customize the migration workflow using the response file. You can plug in run scripts to be executed before or after a specific phase of the migration job. These customizations are called custom plugins with user actions. Your sources may be hosted on-premises or OCI-managed database services, or even third-party cloud. They may be Oracle Database Standard or Enterprise edition and on accelerator infrastructure or a standard compute. The target can be of the same type as the source. But additionally, ZDM supports migration to multicloud deployments on Oracle Database@Azure, Oracle Database@Google Cloud, and Oracle Database@AWS. You begin with a migration strategy where you list the different databases that can be migrated, classification of the databases, grouping them, performing three migration checks like dependencies, downtime requirement versions, and preparing the order migration, the target migration environment, et cetera.
17:27 Lois: What migration methods and technologies does ZDM rely on to complete the move?
Rashmi: There are primarily two types of migration: physical or logical. Physical migration pertains to copy of the database OS blocks to the target database, whereas in logical migration, it involves copying of the logical elements of the database like metadata and data. Each of these migration methods can be executed when the database is online or offline. In online mode, migration is performed simultaneously while the changes are in progress in the source database. While in offline mode, all changes to the source database are frozen. For physical offline migration, it uses backup and restore technique, while with the physical online, it creates a physical standby using backup and restore, and then performing a switchover once the standby is in sync with the source database. 
For logical offline migration, it exports and imports database metadata and data into the target database, while in logical online migration, it is a combination of export and import operation, followed by apply of incremental updates from the source to the target database. The physical or logical offline migration method is used when the source database of the application can allow some downtime for the migration. The physical or logical online migration approach is ideal for scenarios where any downtime for the source database can badly affect critical applications. The only downtime that can be tolerated by the application is only during the application connection switchover to the migrated database. One other advantage is ZDM can migrate one or a fleet of Oracle databases by executing multiple jobs in parallel, where each job workflow can be customized to a specific database need. It can perform physical or logical migration of your Oracle databases. And whether it should be performed online or offline depends on the downtime that can be approved by business.
19:13 Nikita: Samvit and Rashmi, thanks for joining us today.
Lois: Yeah, it's been great to have you both. If you want to dive deeper into the topics we covered today, go to mylearn.oracle.com and search for the Oracle Database@AWS Architect Professional course. Until next time, this is Lois Houston…
Nikita: And Nikita Abraham, signing off!
19:35 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.
Billy Klein went from working 60-80 hour weeks as an EY auditor to helping build FloQast Transform—the fastest-growing product in FloQast history. In this episode, he breaks down how accounting teams are actually implementing AI automation, what makes AI auditable, and why most accountants want to build their own workflows (not outsource to IT).
Guests:
- Alexander Pabst, Global Deputy CISO, Allianz SE
- Michael Sinno, Director of D&R, Google
Topics:
- We've spent decades obsessed with MTTD (Mean Time to Detect) and MTTR (Mean Time to Respond). As AI agents begin to handle the bulk of triage at machine speed, do these metrics become "vanity metrics"? If an AI resolves an alert in seconds, does measuring the "mean" still tell us anything about the health of our security program, or should we be looking at "Time to Context" instead?
- You mentioned the Maturity Triangle. Can you walk us through that framework? Specifically, how does AI change the balance between the three points of that triangle—is it shifting us from a "People-heavy" model to something more "Engineering-led," and where does the "Measurement" piece sit?
- Google is famous for its "Engineering-led" approach to D&R. How is Google currently measuring the success of its own internal D&R program? Specifically, how are you quantifying "Toil Reduction"? Are we measuring how many hours we saved, or are we measuring the complexity of the threats our humans are now free to hunt?
- Toil reduction is a laudable goal for the team members, what are the metrics we track and report up to document the overall improvement in D&R for Google's board?
- When you talk to your board about the success of AI in your security program, what are the 2 or 3 "Golden Metrics" that actually move the needle for them? How do you prove that an AI-driven SOC is actually better, not just faster?
- We often talk about AI as an "assistant," but we're moving toward Agentic SOCs. How should organizations measure the "unit economics" of their SOC? Should we be tracking the ratio of AI-handled vs. Human-handled incidents, and at what point does a high AI-handle rate become a risk rather than a success?
Resources:
- Video version
- EP252 The Agentic SOC Reality: Governing AI Agents, Data Fidelity, and Measuring Success
- EP238 Google Lessons for Using AI Agents for Securing Our Enterprise
- EP91 "Hacking Google", Op Aurora and Insider Threat at Google
- EP236 Accelerated SIEM Journey: A SOC Leader's Playbook for Modernization and AI
- EP189 How Google Does Security Programs at Scale: CISO Insights
- EP75 How We Scale Detection and Response at Google: Automation, Metrics, Toil
- The SOC Metrics that Matter…or Do They? blog
- An Actual Complete List Of SOC Metrics (And Your Path To DIY) blog
- Achieving Autonomic Security Operations: Why metrics matter (but not how you think) blog
With the development of automatic speech recognition has come a new type of technology, designed to give the user advice on how to speak better. In this episode, we talk with Nicole Holliday (University of California, Berkeley) about some of the issues that can arise with the use of these technologies, from their nebulous definitions of "good communication" to the impact they could have at businesses that use these technologies to evaluate employees.
Associated paper: Nicole R. Holliday. "Socially prescriptive speech technologies: Linguistic, technical, and ethical issues." J. Acoust. Soc. Am. 158, 4361–4369 (2025). https://doi.org/10.1121/10.0039685.
Read more from The Journal of the Acoustical Society of America (JASA).
Learn more about Acoustical Society of America Publications.
Music Credit: Min 2019 by minwbu from Pixabay.
What does it take to turn the dream of an autonomous SOC into something organizations can actually deploy? Subo Guha, Senior Vice President of Product Management at Stellar Cyber, joins Sean Martin to share how the company's AI-driven security operations platform is making that vision a reality. Stellar Cyber serves SOC teams across more than 50 countries, with a primary focus on MSPs and MSSPs supporting the underserved mid-market, though marquee enterprise customers like Canon are also part of the portfolio.
How can agentic AI change the way SOC teams handle alert overload? Guha describes what he calls a "digital army" of AI agents that work around the clock to automate alert triage and catch phishing attacks. The system filters 70 to 80 percent of incoming alerts, allowing analysts to focus on the 20 percent that matter most. With attackers using AI to launch faster and more frequent campaigns, Stellar Cyber takes a human-augmented approach, meaning the AI learns from analyst interactions and continuously guides the SOC team toward faster, more accurate remediation.
Why does this matter for MSPs operating on thin margins? Guha explains that the autonomous SOC capability layered on top of Stellar Cyber's XDR platform allows MSSPs to serve more customers, reduce mean time to repair, and grow their tenant base without proportionally increasing staff. When MSSPs grow revenue, Stellar Cyber grows alongside them, creating a mutually beneficial model that ultimately means more organizations get protected.
This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. 
Learn more: https://www.studioc60.com/creation#highlight
GUEST
Subo Guha, Senior Vice President of Product Management, Stellar Cyber @LinkedIn
RESOURCES
Learn more about Stellar Cyber: https://stellarcyber.ai
Are you interested in telling your story?
▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight
KEYWORDS
Subo Guha, Stellar Cyber, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, autonomous SOC, agentic AI, security operations, XDR, NDR, MSSP, MSP, alert triage, AI-driven security, Open XDR, Gartner Magic Quadrant, phishing detection, SOC automation
Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
Battery storage is scaling fast. But scaling portfolios exposes weaknesses most owners never see coming.

As projects move from single sites to gigawatt-hour fleets, many IPPs discover something uncomfortable: they have dashboards - but not decision-grade visibility.

In this episode, Lennart Hinrichs, EVP and General Manager of the Americas at TWAICE, explains what actually changes once batteries begin operating at scale.

We discuss:
- Why state of charge (SOC) is foundational — but insufficient
- How LFP chemistry complicates measurement more than most assume
- What derating really does to revenue and dispatch confidence
- Why overbuild can mask deeper performance issues
- What actually causes most battery fires (and what doesn't)
- How data transparency reshapes warranty disputes and financial risk

This isn't a founder story. It's a practical conversation for asset owners, operators, and performance engineers who want fewer surprises over the life of their storage assets.

If you operate or finance battery projects, this episode will sharpen how you think about KPIs, safety, and operational confidence.

Listen in.

Are there other technologies you've scouted on the frontlines of the Clean Energy Revolution that you think we should be covering here on SunCast? Hit us up - team@suncast.me with your feedback & recommendations.

Check out OpenSolar OS 3.0 at: https://suncast.media/opensolar

If you want to connect with today's guest, you'll find links to their contact info in the show notes on the blog at https://suncast.media/episodes/.

Our Platinum Presenting Sponsor for SunCast is CPS America! SunCast is also sponsored by Nextpower! You can learn more about all the sponsors who help make this show free for you at www.suncast.media/sponsors.

Remember, you can always find resources, learn more about today's guest and explore recommendations, book links, and more than 875 other founder stories and startup advice at www.suncast.media.

Subscribe to Valence, our weekly LinkedIn Newsletter, and learn the elements of compelling storytelling: https://www.linkedin.com/newsletters/valence-content-that-connects-7145928995363049472/

You can connect with me, Nico Johnson, on:
Twitter - https://www.twitter.com/nicomeo
LinkedIn -...
Adiel Sheik Mohammed's Journey: From Networking to Cybersecurity Expertise

In this episode of Breaking into Cybersecurity, Adiel Sheik Mohammed shares his journey from his early exposure to computers through his father's training institute to becoming a cybersecurity expert. Adiel describes his academic background in telecommunication and networking, the pivotal decision to specialize in cybersecurity, and the certifications and hands-on experience that facilitated his transition. He discusses his roles, including his first cybersecurity job as a solution architect with WatchGuard, and elaborates on his continued learning through certifications. Adiel also talks about his contributions to the field, including authoring books on AI's impact on SOC and cybersecurity and his ongoing doctorate focused on AI and cybersecurity. The episode concludes with advice for aspiring cybersecurity professionals on networking, certifications, and staying current with industry developments.

https://www.linkedin.com/in/shadeel/
https://speakerhub.com/speaker/adeel-shaikh-muhammad
https://adeel.solutions
https://www.amazon.com/dp/B0DG66357N
https://www.amazon.com/dp/B0F3DCKYQ9
https://www.amazon.com/dp/B0DVC5Z3XZ

00:00 Introduction and Guest Introduction
00:53 Early Life and Initial Interest in Cybersecurity
02:09 Transition to Cybersecurity
04:35 First Cybersecurity Role
05:43 Certifications and Continuous Learning
07:31 Writing Books and Doctorate Journey
10:19 Current Work and Future Plans
18:44 Advice for Aspiring Cybersecurity Professionals
21:35 Conclusion and Final Thoughts

Sponsored by CPF Coaching LLC - http://cpf-coaching.com

The Breaking into Cybersecurity: It's a conversation about what they did before, why they pivoted into cyber, what the process was they went through, how they keep up, and advice/tips/tricks along the way.

The Breaking into Cybersecurity Leadership Series is an additional series focused on cybersecurity leadership and hearing directly from different leaders in cybersecurity (high and low) on what it takes to be a successful leader. We focus on the skills and competencies associated with cybersecurity leadership, as well as tips/tricks/advice from cybersecurity leaders.

Check out our books:
The Cybersecurity Advantage - https://leanpub.com/the-cybersecurity-advantage
Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level https://amzn.to/3443AUI
Hack the Cybersecurity Interview: Navigate Cybersecurity Interviews with Confidence, from Entry-level to Expert roles https://www.amazon.com/Hack-Cybersecurity-Interview-Interviews-Entry-level/dp/1835461298/
Hacker Inc.: Mindset For Your Career https://www.amazon.com/Hacker-Inc-Mindset-Your-Career/dp/B0DKTK1R93/

---

About the host:
Christophe Foulon focuses on helping secure people and processes, drawing on a solid understanding of the technologies involved. He has over ten years of experience as an Information Security Manager and Cybersecurity Strategist. He is passionate about customer service, process improvement, and information security. He has significant expertise in optimizing technology use while balancing its implications for people, processes, and information security, through a consultative approach.
https://www.linkedin.com/in/christophefoulon/

Find out more about CPF-Coaching at https://www.cpf-coaching.com
- Website: https://www.cyberhubpodcast.com/breakingintocybersecurity
- Podcast: https://podcasters.spotify.com/pod/show/breaking-into-cybersecuri
- YouTube: https://www.youtube.com/c/BreakingIntoCybersecurity
- Linkedin: https://www.linkedin.com/company/breaking-into-cybersecurity/
CISA orders urgent patch of Dell flaw
Android malware uses Gemini to navigate infected devices
Half of all cyberattacks start in the browser, says Palo Alto Networks

Get the full show notes here: https://cisoseries.com/cybersecurity-news-cisas-dell-order-android-ai-malware-browsers-as-weak-link/

Huge thanks to our sponsor, Conveyor
Most of what Conveyor automates is boring. Like really boring. Security questionnaires. Customer requests for things like your SOC 2. All of their follow-up questions. Answering tickets from your sales team. You know what's not boring? Alteryx using Conveyor to support over half a billion dollars in enterprise deals with a small 4 person team. All they did was set up an AI trust center and use Conveyor's AI agent to complete questionnaires. Learn more at conveyor.com.
In this episode of The New CISO, host Steve Moore speaks with Dean Sapp, CISO and Data Protection Officer at Filevine, about one of security's most critical yet overlooked skills—written communication. Drawing from a brutal college English class that failed students for a single typo and over 20 years building security programs in the legal tech industry, Dean reveals why the ability to articulate security findings clearly separates average professionals from exceptional leaders who drive real business impact.

After abandoning architecture when he learned it would take six years to become licensed, Dean leveraged his dual skills in computer-aided drafting and IT to launch a career at Novell, eventually earning nine certifications in two years and a master's degree from SANS Institute. His background in design thinking shapes how he approaches security program development—viewing it like building a structure that requires solid foundations, functional systems, and even window dressing like SOC 2 compliance.

After interviewing over 100 candidates for SOC positions, Dean identifies the biggest missing skill as the inability to translate security findings into business language executives understand and act upon. He introduces the BLUF (Bottom Line Up Front) principle from military communications, explaining why security professionals have roughly eight seconds to capture executive attention. Dean champions radical transparency through simple frameworks—using stoplight systems or report card grades to communicate security posture, deliberately giving his own program failing marks in areas needing improvement to build trust.

Dean tackles operational communication breakdowns that create real security risk, emphasizing mandatory peer review before escalating incidents. This two-person rule dramatically improves report quality while reducing false positives that waste senior leadership time. He shares how this high-standards approach helped Filevine achieve best-in-class cyber insurance rates, with underwriters calling their security program superior to any SaaS provider they'd evaluated. Drawing on Erik Durschmied's "The Hinge Factor," he illustrates how small communication failures doom missions—just as cavalry troops charging cannons failed because not one rider carried the nails and hammer needed to disable them.

Throughout the discussion, Dean emphasizes holding yourself to impossibly high standards so that external auditors find you excellent. He advocates for brutal honesty about program gaps, documenting accepted risks clearly, and using tools like Grammarly Premium to improve writing quality. His philosophy combines military precision, architectural thinking, and pedagogical discipline—all in service of making security programs that actually work rather than just looking good on paper.

Key Topics Discussed:
* Why written communication is security's most critical missing skill
* BLUF (Bottom Line Up Front): Capturing executive attention in 8 seconds
* Using stoplight or report card systems for transparent board reporting
* Giving your security program honest grades to build executive trust
* Mandatory peer review before escalation to reduce false positives
* How Filevine achieved best-in-class cyber insurance rates
* The two-person rule for improving incident report quality
* Lessons from "The Hinge Factor" about preparation and tools
* Holding impossibly high standards so external auditors find you excellent
* Translating technical findings into business impact language

LEARN MORE:
Europe wants to regain control over one of the sinews of modern technological warfare: semiconductors. These tiny components, etched onto electronic chips, are the brains of all our devices, from smartphones to satellites, by way of cars and data centers. And on February 9, 2026, the European Union reached an important milestone with the inauguration of NanoIC, a new prototyping facility located in Leuven, Belgium, within the imec research center.

This project is part of the European Chips Act, a broad plan intended to strengthen the continent's technological sovereignty. NanoIC received 700 million euros in funding. Its objective is clear: to allow companies, laboratories and startups to design and test their own chips before producing them at scale. In other words, NanoIC acts as an industrial laboratory where an idea can be turned into a working prototype.

Unlike conventional foundries (factories specialized in chip manufacturing and often closed to outside players), NanoIC operates as an open platform. Engineers will be able to work there on cutting-edge technologies, notably systems called "system-on-chip", or SoC. This term refers to chips capable of integrating several functions into a single component: processor, memory, communication circuits. All at scales below 2 nanometers. To give a sense of scale, one nanometer is one billionth of a meter. At this scale, components are smaller than some viruses.

NanoIC also provides advanced design and prototyping tools, in order to bridge the gap between scientific research and industrial production. This is a crucial point, because many innovations remain stuck at the experimental stage for lack of suitable infrastructure. This project is part of a broader program, endowed with 2.5 billion euros, supported by the European Union, the member states and industrial partners, including the Dutch group ASML, world leader in the lithography machines used to etch chips. With NanoIC, Europe is trying to reduce its dependence on Asia and the United States, which today dominate global semiconductor production.

Hosted by Acast. Visit acast.com/privacy for more information.
No phishing. No user interaction. Just exposed services and a missing authentication check. In this episode of the #SOCBrief, we dive into the SmarterMail RCE flaw already being exploited in the wild and why mail servers continue to be prime ransomware targets. We cover indicators to hunt for, detection tips, and practical steps SOC teams can take to reduce risk fast.
Hackers target anti-government protestors
UK launches "lock the door" cybersecurity campaign
Cellebrite linked to phone hack on Kenyan politician

Get the full show notes here: https://cisoseries.com/cybersecurity-news-hacking-protestors-uk-locks-the-door-kenyan-politician-phone-cracked/

Huge thanks to our sponsor, Conveyor
Most of what Conveyor automates is boring. Like really boring. Security questionnaires. Customer requests for things like your SOC 2. All of their follow-up questions. Answering tickets from your sales team. You know what's not boring? Alteryx using Conveyor to support over half a billion dollars in enterprise deals with a small 4 person team. All they did was set up an AI trust center and use Conveyor's AI agent to complete questionnaires. Learn more at conveyor.com.
Eurail stolen traveler data now up for sale
EU Parliament blocks AI features
Japan's Washington Hotel discloses ransomware hit

Get the full show notes here:

Huge thanks to our sponsor, Conveyor
Here's a fun question. Would you rather support more enterprise deals… or answer fewer security questionnaires? Moving upmarket usually means more scrutiny and more security questions. Instead of hiring more people or slowing sales, Alteryx used Conveyor's AI to automate customer security reviews like questionnaires, SOC 2 requests, and all the back-and-forth. They supported 200% growth and over half a billion dollars in pipeline with a 4 person team. If you're tired of choosing between growth and sanity, check out Conveyor at conveyor.com.
Google has confirmed that state-backed threat actors are operationally using Gemini across the intrusion lifecycle — not experimentally, but strategically. In this episode of Security Squawk, we break down how AI is being integrated into reconnaissance, phishing refinement, vulnerability research, and even dynamic malware generation.

According to Google's Threat Intelligence Group, multiple clusters — including DPRK-linked actors — are using Gemini to synthesize OSINT, map organizational structures, refine recruiter impersonation campaigns, and research exploit paths. In one case, malware known as HONESTCUE leveraged Gemini's API to dynamically generate C# code for stage-two payload behavior, compile it in memory using legitimate .NET tooling, and execute filelessly. This isn't a zero-day story. It's a friction story.

At the same time, two individuals in Connecticut were charged for allegedly using thousands of stolen identities to exploit FanDuel's onboarding and promotional systems. No exotic exploit. No advanced intrusion chain. Just automated workflow abuse at scale. The pattern is clear: AI is compressing attacker timelines, and identity-driven fraud is industrializing predictable processes.

We examine:
- How AI-enhanced phishing eliminates traditional grammar-based red flags
- Why trusted SaaS domains (Gemini share links, Discord CDNs, Cloudflare fronting, Supabase backends) are weakening reputation-based defenses
- What model distillation attempts (100,000+ structured prompts) signal about API abuse and intellectual property risk
- How fileless malware compiled with legitimate developer tooling challenges signature-based detection
- Why onboarding workflows and recruiting processes are now primary attack surfaces

For CEOs, this is about erosion of trust anchors and shifting insurability expectations. For IT Directors and SOC leaders, this means reevaluating fileless execution visibility, API anomaly detection, and the reliability of reputation filtering models.
For MSPs and risk managers, breaches will increasingly originate from workflow exploitation rather than perimeter misconfiguration. AI didn't invent new attack types. It removed friction from existing ones. And when friction disappears, scale compounds. If your recruiting, onboarding, verification, or AI product interfaces can be scripted — they can be weaponized. This episode is about operational clarity in a rapidly compressing threat landscape. Keywords: Google Gemini, HONESTCUE malware, AI phishing, state-backed threat actors, DPRK cyber operations, model distillation attacks, API abuse detection, fileless malware, .NET in-memory compilation, identity fraud, FanDuel fraud case, workflow exploitation, SaaS infrastructure abuse, Cloudflare phishing, Discord CDN payloads, Supabase backend abuse. Support the show https://buymeacoffee.com/securitysquawk
Guest: Daniel Lyman, VP of Threat Detection and Response, Fiserv

Topics:
- What is the right way for people to bridge the gap and translate executive dreams and board goals into the reality of life on the ground?
- How do we talk to people who think they have "transformed" their SOC simply by buying a better, shinier product (like a modern SIEM) while leaving their old processes intact?
- What are the specific challenges and advantages you've seen with a federated SOC versus a centralized one?
- What does a "federated" or "sub-SOC" model actually mean in practice?
- Why is the message that "EDR doesn't cover everything" so hard for some people to hear?
- Is this obsession with EDR a business decision or technology debt?
- How do you expect AI to change the calculus around data centralization versus data federation?
- What is your favorite example of telemetry that is useful, but usually excluded from a SIEM?
- What are the Detection and Response organizational metrics that you think are most valuable?
- Is the continued use of Excel an issue of tooling, laziness, or just because it is a fundamentally good way to interact with a small database?

Resources:
- Video version
- "In My Time of Dying" book
- EP258 Why Your Security Strategy Needs an Immune System, Not a Fortress with Royal Hansen
- EP197 SIEM (Decoupled or Not), and Security Data Lakes: A Google SecOps Perspective
- The Gravity of Process: Why New Tech Never Fixes Broken Process and Can AI Change It? blog
What happens when the security community stops debating whether AI belongs in the SOC and starts figuring out how to make it work? Monzy Merza, Co-Founder and CEO of Crogl, is helping answer that question, both through the autonomous AI SOC agent his company builds and through the inaugural AI SOC Summit, a community event designed to bring practitioners together for honest, no-nonsense conversation about what is real and what is hype in AI-driven security operations.

Crogl builds what Merza describes as a "superhero suit" for SOC analysts. The platform investigates every alert in depth, working across multiple data lakes without requiring data normalization, and escalates only the issues that require human judgment. But the conversation here goes beyond any single product. Merza explains that the motivation for creating the AI SOC Summit came directly from community feedback. Security teams across enterprises are trying to determine what to buy, what to build, and how to govern AI in their environments, and they need a transparent, practical space to share those experiences.

How are threat actors changing the game with agentic AI? Merza points to two critical shifts. First, adversaries are now conducting campaigns using agentic systems, which means defenders need to operate at the same speed. Second, the barrier to entry for sophisticated attacks has dropped significantly because agentic systems handle much of the technical detail, from crafting convincing phishing emails to automating post-exploitation activity. The implication is clear: security teams that do not adopt AI-driven capabilities risk falling behind attackers who already have.

The AI SOC Summit, hosted March 3rd at the Hyatt Regency in Tysons, Virginia, is structured to serve the practitioners who are doing the daily work of security operations. The morning features keynotes from CISOs sharing what is working and what is not, along with perspectives on AI governance and privacy. The afternoon splits into two tracks: talk sessions from startups and established companies, and a five-and-a-half-hour hackathon where attendees get free access to frontier AI models and tools to experiment hands-on with real security data.

Who should attend the AI SOC Summit? Merza identifies four key personas. SOC analysts at every tier who are buried in alert triage. Security engineers deploying AI-driven and traditional tools who want to see how other enterprises are rationalizing their investments. Incident responders and threat hunters who need to understand how to track agentic activity rather than just human activity. And builders, the security teams prototyping and testing AI capabilities in-house, who want to learn from what others have tried, what has failed, and what constraints can be overcome.

What sets this event apart from the typical conference experience? The AI SOC Summit is intentionally vendor-agnostic. Sponsors range from reseller partners serving government organizations to household names like Splunk and Cribl, but the focus stays on community learning rather than product pitches. Many organizations still restrict employee access to frontier models and agentic systems, and the summit provides a space where attendees can kick the tires on these technologies without worrying about tooling costs or corporate restrictions. The goal is for every participant to leave with something practical they can take back and apply to their work immediately.

This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique.

Learn more: https://www.studioc60.com/creation#spotlight

GUEST
Monzy Merza, Co-Founder and CEO, Crogl [@monzymerza on X]
https://www.linkedin.com/in/monzymerza

RESOURCES
Crogl: https://www.crogl.com
AI SOC Summit: https://www.aisocsummit.com/

Are you interested in telling your story?
▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

KEYWORDS
Monzy Merza, Crogl, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, AI SOC Summit, AI SOC agent, security operations center, agentic AI, autonomous security, threat detection, SOC analyst, incident response, threat hunting, security engineering, AI governance, cybersecurity community, hackathon, frontier AI models, agentic speed, security automation
Attackers are hiding remote access trojans (RATs) inside malicious MSI installers disguised as legit software, and it's surging in early 2026. We break down how these phishing attacks bypass EDR, what to look for, and how SOC teams can stop them before they turn into full-blown breaches.

Watch full episodes at youtube.com/@aliascybersecurity. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
In a podcast recorded at ITEXPO / MSP EXPO, Doug Green, Publisher of Technology Reseller News, spoke with Doug Barbin, Chief Growth Officer at Schellman, about how rapid AI adoption is reshaping compliance requirements for MSPs, cloud providers, and technology companies. Barbin outlined Schellman's role as one of the largest independent providers of technology, risk, and AI-related compliance assessments, serving organizations across highly regulated industries. Barbin explained that AI adoption is accelerating far faster than previous technology shifts such as cloud computing, leaving many organizations scrambling to keep pace with evolving regulatory expectations. “The adoption of AI has come out four or five times as fast as what we saw with cloud,” Barbin said. “Organizations are now trying to keep up not just from a technology risk perspective, but also from a compliance and governance standpoint.” He pointed to emerging standards such as ISO 42001 as critical frameworks helping companies manage AI governance at scale. The conversation also explored the complexity of audits and how Schellman works to simplify the process. Barbin described a “collect once, use many” approach that allows organizations—particularly MSPs—to streamline compliance across multiple frameworks such as SOC 2, HIPAA, CMMC, and federal requirements. By reducing redundancy and aligning audits to customer needs, MSPs can more efficiently expand into regulated verticals they otherwise could not serve. Barbin concluded by emphasizing the opportunity compliance creates for MSPs as they grow into more regulated markets. By helping MSPs inherit and validate customer controls, Schellman enables service providers to scale responsibly while turning compliance into a business advantage rather than a barrier. Visit https://www.schellman.com/
South Carolina got a taste of snow... but Southeast Texas turned it into a full wonderland meltdown!
- Ford Talks with Geely To Fill Excess Factory Capacity in Spain
- NADA CEO Mike Stanton Calls Chinese Car Imports "Bad for Consumers"
- Analyst Predicts Chinese OEMs Will Launch U.S. Joint Ventures In 2026
- Tesla Mass Produces Dry Electrodes to Slash Costs By $1 Billion
- Uber's Margin Squeeze: Lower Profits Today, More Robotaxis Tomorrow
- Renault To Build EV Motors in France Using Chinese Components
- $4 A Day for A New Car: China's 8-Year Loan War Begins
- Honda And Mythic Co-Develop Energy-Efficient AI Chips for SDVs
- Singing Fish and Grizzly Bears: Jeep's "Cruel" New Cherokee Ad
Segment 1: Interview with Warwick Webb

From Initial Entry to Resilience: Understanding Modern Attack Flows

Modern cyberattacks don't unfold as isolated alerts--they move as coordinated attack flows that exploit gaps between tools, teams, and time. In this episode, Warwick Webb, Vice President of Managed Detection and Response at SentinelOne, breaks down how today's breaches often begin invisibly, progress undetected through siloed security stacks, and accelerate faster than human response alone can handle. He'll discuss how unified platforms, machine-speed detection powered by global threat intelligence, and expert-led response change the equation--turning fragmented signals into clear attack narratives. The conversation concludes with how organizations can move beyond incident response to build resilience, readiness, and continuous improvement through post-attack analysis. Listeners will leave with a clearer understanding of how attacks actually unfold in the real world—and what it takes to move from reactive alert handling to true attack-flow-driven defense.

Segment Resources:
- Wayfinder MDR Solution Brief
- 451 MDR Report
- Managed Defense Redefined Blog

This segment is sponsored by SentinelOne. Visit https://securityweekly.com/sentinelone to learn more about them!

Segments 2 and 3: The Weekly News

In this week's enterprise security news, we've got
- funding
- free tools!
- the CISO's craft
- agentic browsers
- tech companies are building cyber units?
- giving AI agents access to your entire life
- lots of dumpster fires in the industry today
- Cisco killed Kenna
- the state of AI in the SOC
- homemade EMP guns! don't try this at home

All that and more, on this episode of Enterprise Security Weekly.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-444
Guest: Dennis Chow, Director of Detection Engineering at UKG

Topics:
- We ended our season talking about the AI apocalypse. In your opinion, are we living in the world that the guests describe in their apocalypse paper?
- Do you think AI-powered attacks are really here, and if so, what is your plan to respond? Is it faster patching? Better D&R? Something else altogether?
- Your team has a hybrid agent workflow: could you tell us what that means? Also, define "AI agent" please.
- What are your production use cases for AI and AI agents in your SOC?
- What are your overall SOC metrics and how does the agentic AI part play into that?
- It's one thing to ask a team "hey what did y'all do last week" and get a good report - how are you measuring the agentic parts of your SOC?
- How are you thinking about what comes next once AI is automatically writing good (!) rules for your team out of research blog posts and TI papers?

Resources:
- Video version
- Agentic AI in the SOC: Build vs Buy Lessons
- EP255 Separating Hype from Hazard: The Truth About Autonomous AI Hacking
- EP256 Rewiring Democracy & Hacking Trust: Bruce Schneier on the AI Offense-Defense Balance
- EP252 The Agentic SOC Reality: Governing AI Agents, Data Fidelity, and Measuring Success
- EP236 Accelerated SIEM Journey: A SOC Leader's Playbook for Modernization and AI
- EP242 The AI SOC: Is This The Automation We've Been Waiting For?
- Google Cloud Skill Boost
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Automatic Script Execution In Visual Studio Code
Visual Studio Code will read configuration files within the source code that may lead to code execution.
https://isc.sans.edu/diary/Automatic%20Script%20Execution%20In%20Visual%20Studio%20Code/32644

Cisco Unified Communications Products Remote Code Execution Vulnerability
A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voice-rce-mORhqY4b

Zoom Vulnerability
A Command Injection vulnerability in Zoom Node Multimedia Routers (MMRs) before version 5.2.1716.0 may allow a meeting participant to execute remote code on the MMR via network access.
https://www.zoom.com/en/trust/security-bulletin/zsb-26001/

Possible new SSO Exploit (CVE-2025-59718) on 7.4.9
https://www.reddit.com/r/fortinet/comments/1qibdcb/possible_new_sso_exploit_cve202559718_on_749/

SANS SOC Survey
The 2026 SOC Survey is open, and we need your input to create a meaningful report. Please share your experience so we can advocate for what actually works in the trenches.
https://survey.sans.org/jfe/form/SV_3ViqWZgWnfQAzkO?is=socsurveystormcenter