Podcasts about threat detection

  • 177 PODCASTS
  • 362 EPISODES
  • 35m AVG DURATION
  • 5 WEEKLY NEW EPISODES
  • Jun 22, 2026 LATEST
Latest podcast episodes about threat detection

No Password Required
No Password Required Podcast Episode 74 - Shane Tews

No Password Required

Jun 22, 2026 51:54


Shane Tews — Non-Resident Senior Fellow at AEI and the person who explained the internet to Capitol Hill

No Password Required Season 7: Episode 7 – Shane Tews

Shane Tews is a Non-Resident Senior Fellow at the American Enterprise Institute, where she focuses on cybersecurity, privacy, artificial intelligence, and internet governance. She is also President of Logan Circle Strategies, a strategic advisory firm working at the intersection of technology and policy. Before her think tank work, Shane helped introduce modems to the George H.W. Bush White House, walked the halls of Capitol Hill explaining the internet to blank-staring legislators, and spent years at VeriSign helping shape the foundational frameworks of how the internet would be governed.

In this episode, Shane traces her unlikely path from the Bush administration to becoming one of Washington's most trusted voices on tech policy. She breaks down why regulating outcomes rather than inputs is the only sensible approach to technology governance, why the US and EU are operating from fundamentally different innovation philosophies, and why a national privacy bill is long overdue. She also explains why most organizations and individuals are far less protected than they think and why nobody knows who to call when something goes wrong.

Jack Clabby and co-host Kayley Melton talk with Shane about legacy system vulnerabilities, the cybersecurity implications of agentic AI, and what policymakers absolutely must get right over the next decade. She also reflects on what the CISA reauthorization limbo means for companies that don't even know they've lost liability protection.

In the Lifestyle Polygraph, Shane reveals she has 20,000 emails across eight accounts, admits she fakes laughs at bad jokes out of Midwestern politeness, shares her obsession with The Bear and Peaky Blinders, and tells us about her children's book project using Google Omni called "Shane on a Train."

Follow Shane on LinkedIn and on X at @ShaneTews. Find her work at AEI.org and TechPolicyDaily.com.

No Password Required is presented by ThreatLocker

In this episode:
  • Shane's path from the George H.W. Bush White House to becoming Capitol Hill's go-to internet explainer (00:34 - 02:22)
  • Why the Clinton-era multi-stakeholder model got internet governance right and what that means for policy today (04:40 - 06:13)
  • The case for a national privacy bill and why 50 state standards aren't working (07:24 - 09:27)
  • What AEI covers and how Shane thinks about riding the top of the wave across the entire tech policy stack (09:35 - 11:23)
  • Legacy systems, vendor debt, and why outdated software is the easiest entry point for bad actors (11:30 - 13:34)
  • The gap between how protected people think they are and how exposed they actually are, including a generational perspective on MFA (14:07 - 16:25)
  • The biggest disconnect between everyday cyber reality and the policy world (16:59 - 20:35)
  • Government readiness for a major cyber attack and why most people don't have a plan (20:54 - 22:32)
  • How the US and EU innovation philosophies differ and why Europe's banking system is the real tech problem (22:41 - 25:38)
  • The DeepSeek false narrative and where the US is leading vs. reacting on AI (25:45 - 29:21)
  • The shift from AI features to AI coordination and what agentic AI means for cybersecurity permissions (29:28 - 32:16)
  • What policymakers must get right on AI over the next 10 years (32:25 - 34:11)
  • The Lifestyle Polygraph: inbox chaos, fake laughs, The Bear, and Shane on a Train (00:04 - 12:48)

Timestamp Highlights:
  • (00:34) Shane's origin story: modems at the White House and blank stares on the Hill
  • (04:40) Why the internet got policy right early on and what we can learn from it
  • (07:24) The case for harmonizing breach standards with a national framework
  • (11:30) Legacy systems and vendor debt as the easiest attack vectors
  • (14:07) The real gap between how protected people think they are and how exposed they actually are
  • (20:54) Government cyber readiness: do you know who to call when something goes wrong?
  • (22:41) US vs. EU innovation: why Europe's banking system is the real tech problem
  • (29:28) Agentic AI and the cybersecurity risks of permissions you forgot you gave
  • (32:25) What policymakers must get right on AI over the next decade
  • (06:44) Shane on a Train: using Google Omni to write a children's book series

Resources & Links:
  • AEI.org — Shane's think tank home base
  • TechPolicyDaily.com — Daily tech policy coverage
  • ThreatLocker — Supporter of this podcast
  • Cyber Florida — The Mother Ship

ChannelBuzz.ca
The Buzz: HPE Discover kicks off, Cato Networks launches integration hub, and Checkmarx report flags CISO pressure on security compliance

ChannelBuzz.ca

Jun 15, 2026 5:31


Today’s headline news for Canadian IT solution providers:

HPE Discover 2026 kicks off: HPE Discover 2026 opens today at The Venetian in Las Vegas with the Partner Growth Summit, the partner-exclusive day that precedes the main conference. The General Session – “The Power of One” – is led by HPE channel head Simon Ewington and focuses on HPE’s unified partner strategy under the HPE Partner Ready Vantage program, spanning networking, cloud, and AI. This is the first Partner Growth Summit since HPE’s $14 billion Juniper Networks acquisition closed, and HPE is presenting partners with a fully unified portfolio story for the first time. ChannelBuzz.ca is on the ground all week: Tuesday’s Buzz will feature a full Partner Growth Summit recap, and In The Channel this week features a multi-part series with Jeremiah Jenson, HPE’s vice president of North America channel and partner ecosystem, covering the Discover announcements in depth.

Cato Networks launches integration hub: Cato Networks has launched a new Technology Partner Program and a Platform Integration Hub, debuting with more than 100 out-of-the-box integrations with third-party security, cloud, and networking solutions. The SASE provider says the program is designed to simplify how partners and customers connect Cato’s platform with existing enterprise technology stacks. The move is significant for Canadian MSPs and MSSPs: a robust integration catalog reduces the custom API work that often slows deployment and increases delivery costs, making it easier to position Cato alongside the broader tools in a customer’s security environment.

Checkmarx flags CISO compliance pressures: A new 2026 Future of Application Security Report from Checkmarx, based on a survey of more than 2,000 developers and CISOs, found that 95 per cent of CISOs report being pressured to suppress or delay compliance-related security issues when business deadlines loom. The research also highlights how AI-generated code is expanding the attack surface faster than many security teams can manage. For Canadian MSSPs, the data reinforces the value of independent, third-party security oversight – and the case for structured application security as a managed service.

Dataminr and TD SYNNEX partner on AI cyber defense: Dataminr has signed a strategic distribution agreement with TD SYNNEX, making Dataminr for Cyber Defense available to more than 35,000 North American resellers. The platform combines external risk signals with internal telemetry to help security teams prioritize threats in real time. For Canadian partners already working with TD SYNNEX, the deal adds an AI-driven threat intelligence offering to the distributor’s security portfolio at a time when customers are asking for earlier warning around cyber risk.

inforcer launches Microsoft 365 TDR platform: inforcer has launched inforcer Threat Detection and Response, a new platform that gives MSPs a single environment to manage detection, incident response, and reporting across the full Microsoft 365 estate – including Entra, Defender, Purview, Teams, and SharePoint. According to the company, the platform’s advantage is its existing policy and configuration context for each tenant, which it says allows the detection engine to separate real threats from alert noise. The product launched in early access at Pax8 Beyond last week.

ConnectSecure introduces Patch 360: ConnectSecure has launched Patch 360, a patch management solution designed specifically for MSPs. According to the company, the platform gives MSPs more control over patch prioritization, testing, and approval workflows, and is designed to reduce deployment risk while accelerating patching across operating systems and third-party applications.

NetRise launches Discovery Partner Program: Software supply chain security firm NetRise has launched the Discovery Partner Program for VARs, MSSPs, distributors, and systems integrators. The program provides partners access to the NetRise Platform, which analyzes compiled software artifacts – including binaries, firmware, and containers – to identify components and risks that may not appear in source-code scans or vendor-provided SBOMs. NetRise is positioning the program as a way for partners to address growing customer demand for independent software supply chain verification.

Full Transcript:

This episode of The Buzz is brought to you by HPE Discover 2026. HPE Discover runs June 15 to 18 at The Venetian in Las Vegas. Discover what’s next at hpe.com/discover.

Welcome to The Buzz from ChannelBuzz.ca, I’m Robert Dutt, today is Monday, June 15th, and here’s what’s happening in the channel today.

The biggest event on HPE’s calendar opens today at The Venetian Convention and Expo Center in Las Vegas, and ChannelBuzz.ca is on the ground for the full week. But before the main conference opens to the broader audience tomorrow, today belongs exclusively to the channel. The HPE Partner Growth Summit – the partner-only day that kicks off Discover week – is underway as you’re hearing this. The centrepiece is the General Session called “The Power of One,” led by HPE channel head Simon Ewington alongside a lineup of HPE senior executives. The name captures the message HPE is sending its partner ecosystem heading into the back half of 2026: one comprehensive portfolio, one unified program under HPE Partner Ready Vantage, and one integrated experience across networking, cloud, and AI. The afternoon breakout agenda is dense – covering GreenLake and hybrid cloud, Aruba networking with AI, monetizing accelerated compute and agentic workloads, and HPE’s evolving service provider story. It’s also worth noting the context: this is the first Partner Growth Summit since HPE’s $14 billion acquisition of Juniper Networks cleared regulatory review and officially closed. Partners are getting their first look at a fully unified networking and compute story from a company that can now tell it cleanly. We’re bringing you the announcements as they happen all week.

In just a couple of hours on In The Channel, I’ll help you get ready for Discover, as I preview the event with the help of none other than Jeremiah Jenson, HPE’s vice president of North American channel and partner ecosystem.

Tomorrow on The Buzz, we’ll have all the news from Partner Growth Summit, and tomorrow’s In The Channel will also feature Jenson, as we take a deeper dive into the HPE’s partner programs and where he sees the biggest opportunities for the channel right now. Be sure to stick with us all week as we bring you full coverage from Vegas.

Cato Networks is expanding its ecosystem with the launch of a new Technology Partner Program and a Platform Integration Hub. The SASE provider says the hub debuts with more than 100 integrations out of the box, offering streamlined connectivity with third-party security, cloud, and networking solutions. According to Cato, the program is designed to simplify how partners and customers integrate its platform with existing enterprise technology stacks, reducing friction and speeding up deployments. A vendor-led integration effort at this scale matters for the channel. As enterprise environments grow more layered and complex, MSPs rely on platforms that connect cleanly to an existing stack rather than requiring months of custom API work. Out-of-the-box integrations mean less time troubleshooting compatibility and more time delivering security outcomes to clients. It’s worth noting that Cato’s channel chief said earlier this year that seven out of ten deals the company closes are already partner-led. A stronger integration story could deepen that dependence on the channel by making it easier for MSPs and MSSPs to position Cato alongside the other tools in a customer’s security stack.

A report released last week by application security vendor Checkmarx is putting hard numbers on a dynamic that security-focused channel partners have likely been seeing for some time. The 2026 Future of Application Security Report, based on a survey of more than 2,000 developers and CISOs, found that 95 per cent of CISOs say they have been pressured to suppress or delay compliance-related security issues when business deadlines loom. Compounding the problem: the adoption of AI-generated code is accelerating, which Checkmarx says is multiplying the attack surface in production environments faster than many security teams can manage. The business case for external, independent security oversight has rarely been clearer. When internal security leaders are being overruled on vulnerability management, an MSP or MSSP operating as a neutral third party – accountable to security outcomes rather than product launch timelines – steps into a genuine gap. The data also validates the case for application security as a structured managed service. As AI-generated code becomes standard in the development pipeline, organizations that can’t close that gap internally will need to find a partner who can.

In Brief – Dataminr and TD SYNNEX have signed a distribution agreement that makes Dataminr for Cyber Defense available to more than 35,000 North American resellers through TD SYNNEX’s channel network.

Security vendor inforcer has launched inforcer Threat Detection and Response, a new platform designed to give MSPs a single environment to manage detection, incident response, and reporting for Microsoft 365.

ConnectSecure has introduced Patch 360, a patch management solution built specifically for MSPs that the company says reduces deployment risk while accelerating patching across operating systems and third-party applications.

NetRise has launched the Discovery Partner Program, targeting VARs, MSSPs, distributors, and systems integrators with software supply chain security capabilities built around compiled binary analysis rather than source code or vendor-provided SBOMs.

Full details and links in the show notes or the blog post. That’s how we’re seeing the headlines today. I’m Robert Dutt for ChannelBuzz.ca, thanks for listening. Have a great day.

No Password Required
No Password Required Podcast Episode 73 - Mudita Khurana

No Password Required

Jun 9, 2026 28:13


Show Summary:

Mudita Khurana — Tech Lead at Airbnb and the person who always says, “I got this”

No Password Required Season 7: Episode 6 - Mudita Khurana

Mudita Khurana is a Tech Lead for Automated Tooling and Vulnerability Management at Airbnb, where she focuses on building modular, scalable security systems in an era of rapidly evolving AI threats. Before Airbnb, she spent nearly a decade in security roles across Accenture, Meta, and PwC, making bold career pivots along the way, including turning down a PwC return offer to join Facebook's product security team.

In this episode, Mudita shares her journey from a family of doctors in India to Carnegie Mellon and into the heart of Big Tech security. She discusses what it means to thrive as a non-traditional engineer in a deeply technical field, why she stepped back from management to get closer to the work, and how she thinks about building security tooling that won't be obsolete in three months.

Jack Clabby and co-host Kayley Melton, recording live from Tampa B-Sides at the University of South Florida, talk with Mudita about imposter syndrome, AI's curveballs for security teams, leadership without a leadership title, and the importance of community in staying on top of a field that never stops moving. She also reflects on what great mentorship looks like early in a career and why clarity, ownership, and consistency are the leadership qualities she keeps coming back to.

In the Lifestyle Polygraph, Mudita firmly plants her flag in the Harry Potter universe as Hermione, explains why Deadpool doesn't qualify as a superhero, debates gym vs. nature as a reset strategy, and reveals her dream remote work base: a high-altitude Buddhist mountain town in the Himalayas.

Follow Mudita on LinkedIn: https://www.linkedin.com/in/muditakhurana/

In this episode:
  • Mudita shares her unconventional path into cybersecurity, highlighting the importance of mentorship and curiosity (0:25 - 1:37)
  • The significance of mentorship, especially Vandana Verma, in her career development (2:26 - 4:00)
  • Transition from management to technical IC roles and why staying close to technical work matters (9:29 - 10:23)
  • The influence of her education at Carnegie Mellon and how it broadened her problem-solving skills (6:23 - 7:41)
  • Navigating imposter syndrome and embracing challenges as growth opportunities (3:26 - 5:29)
  • How AI is changing cybersecurity strategies—building modular, layered systems for agility (15:31 - 16:26)
  • The importance of community, trust, and consensus in cybersecurity decision-making (17:06 - 17:47)
  • Mudita's favorite places for remote work and balancing planning with spontaneity in travel (23:01 - 24:13)
  • Her personal approach to wellness, exercise, and resets during busy days (21:32 - 22:36)
  • Her unique perspective on superhero characters, favorite places, and cultural roots (18:54 - 19:36, 25:19 - 26:21)

Timestamp Highlights:
  • (00:25) Mudita's 10-year journey into cybersecurity starting from India
  • (02:26) Mentorship's critical role in her growth and her admiration for Vandana Verma
  • (09:29) Transition from management back to technical roles and why staying close to the work matters
  • (15:31) How AI fosters layered, modular security systems for faster adaptation
  • (17:06) The importance of community and trusted information sources in security
  • (21:32) Reset routines—gym versus nature hikes—and staying grounded during busy days
  • (25:19) Leh, Ladakh: Mudita's ideal remote work location nestled in Himalayan beauty

Resources & Links:
  • Vandana Verma - Influential mentor in cybersecurity
  • ThreatLocker - Supporter of this podcast
  • Cyber Florida – The Mother Ship

Alliant Specialty Podcasts
Cybersecurity in the AI Era: How Predictive Security Is Reshaping Threat Detection and Prevention

Alliant Specialty Podcasts

Jun 8, 2026 19:57


Cybersecurity risk management is shifting from reactive threat detection to proactive, AI-driven predictive security strategies that help organizations identify and mitigate threats before incidents occur. Brendan Hall, Alliant Cyber, welcomes Paul Jespersen, founder and CEO of PRE Security, to discuss how predictive cybersecurity and AI-powered SecOps are giving organizations greater visibility into risk while reshaping cyber underwriting and incident prevention. They share practical insights on reducing false positives, strengthening cyber resilience and using real-time security intelligence to support smarter risk management decisions.

No Password Required
No Password Required Podcast Episode 72 - Madeline Sedgwick

No Password Required

May 25, 2026 50:44


Madeline Sedgwick — Cyber Threat Analyst at Palo Alto Networks and a DUUUUVALLL lifer

No Password Required Season 7: Episode 5 – Madeline Sedgwick

Madeline Sedgwick is a Cyber Threat Researcher and Threat Analyst at Palo Alto Networks Unit 42, specializing in nation-state cyber activity, covert infrastructure, and cyber intelligence analysis. Before entering the private sector, she spent six years in the U.S. Navy as an intelligence specialist, helping support some of the earliest cyber operations under United States Cyber Command.

In this episode, Madeline shares her journey from joining the Navy to becoming one of the first certified cyber targeteers supporting offensive cyber operations. She discusses the realities of tracking covert threat actor infrastructure, why defenders must understand adversary behavior beyond alerts and signatures, and how intelligence analysis helps uncover the bigger picture behind cyber campaigns.

Jack Clabby and co-host Sarina Gandy talk with Madeline about fusion analysis, cyber warfare, leadership, and the challenges of translating highly technical investigations into actionable insights for government and industry leaders. She also reflects on the importance of humility in leadership, mentoring, and learning to navigate high-pressure situations with confidence and curiosity.

In the Lifestyle Polygraph, Madeline debates cybersecurity in the Star Wars universe, explains her Weird Al Yankovic Dragon Con costume, reflects on her time playing bass in a metal band, and proudly shares why Jacksonville, Florida, will always be home.

Follow Madeline on LinkedIn: https://www.linkedin.com/in/mesedgwick/

Chapters:
  • 02:10 Intro-Madeline Sedgwick
  • 09:00 The Role of Cybersecurity in National Security
  • 12:08 Understanding Covert Networks and Threat Intelligence
  • 14:52 Fusion Analysis in Cybersecurity
  • 18:04 The Importance of Distinguishing Threats
  • 20:52 Challenges in Cybersecurity Response
  • 23:58 Briefing Decision Makers on Cyber Threats
  • 27:52 Understanding Adversary Intent and Risk Communication
  • 30:12 Leadership Lessons from the Navy
  • 34:33 The Importance of Mentorship in Career Development
  • 37:30 The Lifestyle Polygraph: A Fun Twist on Cybersecurity
  • 41:04 Embracing Creativity and Personal Expression
  • 45:50 Pride in Roots: The Jacksonville Connection

The Hypnotist
Laying Down the Armour and Recalibrating the Threat Detection System

The Hypnotist

May 21, 2026 32:36


Adam helps a client to calm down their hypervigilance using a metaphor of laying down the armour and recalibrating their threat detection system. This is a useful session if you always feel like you're on high alert.

Federal Tech Podcast: Listen and learn how successful companies get federal contracts
Ep. 323 AI Threat Detection and Federal Cybersecurity Trends

Federal Tech Podcast: Listen and learn how successful companies get federal contracts

May 21, 2026 24:11


Connect to John Gilroy on LinkedIn: https://www.linkedin.com/in/john-gilroy/

Everyone seems to have an opinion on AI. Today, we interviewed Levi Gundert, the Chief Security and Intelligence Officer for Recorded Future. He thinks that AI gives federal leaders an opportunity to fight back. For example, one aspect of cybersecurity is velocity; the number of attacks has expanded exponentially. Gundert thinks this is an opportunity to match this attack's velocity. Many will balk at this opinion. They will describe federal data as challenged in cross-domain sharing, data labeling, and data trapped in PDFs or legacy systems.

During the interview, in a refreshing observation, Gundert observes that defenders have always been on the back foot. Always in defense. Finally, AI can give tools that level the playing field. One application of AI is the ingestion of the data provided to federal systems. AI can be used to provide actionable intelligence. In some systems, this deluge can result in false alerts. When used properly, AI can filter through the signal and identify what is critical.

Gundert emphasizes the need for automation and decision advantages in threat intelligence, the challenges of data fragmentation and legacy systems, and the urgency of upgrading systems to address vulnerabilities. They also touch on the role of AI in insider threats, the potential of Mythos to increase vulnerabilities, and the importance of sharing threat information to enhance cybersecurity.

InfosecTrain
The AI-Powered SOC: Revolutionizing Threat Detection & Response

InfosecTrain

May 14, 2026 49:00


The future of SOC operations is AI-driven, automated, and faster than ever before. In this deep-dive masterclass, InfosecTrain explores how Artificial Intelligence is moving from a buzzword to a fundamental engine for modern Security Operations Centers. We break down the shift from manual alert fatigue to intelligent threat detection, automated triage, and the predictive analytics that are defining the 2026 security landscape.

The course, titled "Advanced AI SOC Analyst Certification Training," is designed to bridge the gap between traditional security monitoring and the next generation of autonomous defense. We provide a high-level briefing on how to integrate AI into your SIEM and EDR workflows, ensuring that analysts can focus on high-impact hunting while AI handles the noise of real-time security operations.

No Password Required
No Password Required Breakout Room with Fagan Afandiyev

No Password Required

Apr 21, 2026 20:28


Fagan Afandiyev — Elite Cybersecurity Competitor and Legendary Whitehatter

No Password Required: Breakout Room: Episode 1 — Fagan Afandiyev

Fagan Afandiyev is a cybersecurity student at the University of South Florida and a member of the CyberHerd competition team, known for his strategic mindset and passion for solving complex challenges. From competing in international robotics competitions to discovering cybersecurity through hands-on platforms, Fagan has built his skills through curiosity, persistence, and a love for problem solving.

Fagan shares how competitions, community, and continuous learning shaped his journey into cybersecurity. He walks through his growth within USF's cyber community, and how that led to a penetration testing internship at Microsoft. He also offers insight into the mindset needed to succeed in cybersecurity, encouraging others to embrace challenges, learn through failure, and find enjoyment in the process.

Follow Fagan on LinkedIn here: https://www.linkedin.com/in/fagan-afandi/

Presented by ThreatLocker

Chapters:
  • 00:00 Introduction to Cybersecurity Passion
  • 3:02 Journey to Cyber Herd and University Life
  • 06:12 Internship at Microsoft and Career Aspirations
  • 08:59 Hackathon Experience and Community Engagement
  • 12:39 Behind the Scenes of Cyber Competitions
  • 14:30 Overcoming Challenges in Cyber Competitions
  • 18:00 Gratitude and Mentorship in Cybersecurity

This Week in Google (MP3)
IM 865: Mythic - Too Dangerous to Release?

This Week in Google (MP3)

Apr 9, 2026


A secretive AI called Mythos is already finding zero-day exploits that humans missed for decades, but Anthropic claims it is too risky for public release. Hear what leading security experts think could happen if this technology escapes the lab.

  • Claude Mythos Preview System Card - Claude Mythos Preview System Card.pdf
  • Sam Altman May Control Our Future—Can He Be Trusted?
  • Meta Employees Vie for AI 'Token Legend' Status
  • Meta releases new model for Social Media "Muse Spark"
  • Why OpenAI's Purchase of a Big Tech Podcast Is So Sleazy
  • How Accurate Are Google's A.I. Overviews?
  • Testing suggests Google's AI Overviews tell millions of lies per hour
  • Google's AI Overviews are correct nine out of ten times, study finds
  • How A.I. Helped One Man (and His Brother) Build a $1.8 Billion Company
  • The back story behind the first "$1.8 Billion" dollar "AI Company"
  • It's Called Silicon Sampling, and It's Going to Ruin Public Opinion Polling
  • Cloudflare builds what it calls the successor to WordPress
  • JuliusBrussee/caveman:

All TWiT.tv Shows (MP3)
Intelligent Machines 865: Mythic

All TWiT.tv Shows (MP3)

Apr 9, 2026 146:37



Radio Leo (Audio)
Intelligent Machines 865: Mythic

Radio Leo (Audio)

Apr 9, 2026 146:37



ITSPmagazine | Technology. Cybersecurity. Society
When OT Goes Down, the Clock Is Already Running | A Brand Highlight Conversation with Rob Demain, CEO & Founder of e2e-assure | Hosted by Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Apr 9, 2026 6:49


When a production line stops, the financial damage is immediate — and the window to respond safely is narrower than most security teams realize. Rob Demain, CEO and Founder of e2e-assure, joins this Brand Highlight to explain why OT security demands a fundamentally different mindset than IT, and what organizations can do about it. Operational technology runs the infrastructure that keeps the world moving — manufacturing floors, power grids, air traffic control systems. Rob Demain founded e2e-assure in 2013 and has spent the past seven years narrowing its focus to one discipline: SOC and MDR services. He calls it "specificity" — the principle that doing one thing with precision delivers better outcomes than spreading resources thin. In IT security, the primary concern is data. In OT, the stakes are entirely different. Downtime is the real threat. For a manufacturing business, minutes of halted production translate directly into significant financial loss. That distinction changes everything about how security teams must respond. The "safety first" rule in OT means responders sometimes have to run alongside a threat rather than immediately neutralize it — because disconnecting systems could halt the production line entirely. The most common attack path into OT environments runs through IT: adversaries compromise IT first, then move laterally into OT systems. Supply chain risk is the second major vector. Firmware updates, software patches, and third-party management systems all represent potential entry points. Detection takes longer too — OT systems often lack the endpoint tools that trigger fast alerts, leaving threats to surface as subtle pattern deviations over extended periods. This is a Brand Highlight — a short introductory conversation designed to put a spotlight on the guest and their company. 
Learn more: https://www.studioc60.com/creation#highlight

GUEST
Rob Demain, CEO & Founder, e2e-assure
LinkedIn: https://uk.linkedin.com/in/rob-demain-01733468

RESOURCES
e2e-assure website: https://e2e-assure.com
OT Downtime and Remediation Gaps Research: https://e2e-assure.com

Are you interested in telling your story?
Full Length Brand Story: https://www.studioc60.com/content-creation#full
Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

This Week in Google (Video HI)
IM 865: Mythic - Too Dangerous to Release?

This Week in Google (Video HI)

Apr 9, 2026


A secretive AI called Mythos is already finding zero-day exploits that humans missed for decades, but Anthropic claims it is too risky for public release. Hear what leading security experts think could happen if this technology escapes the lab.

  • Claude Mythos Preview System Card - Claude Mythos Preview System Card.pdf
  • Sam Altman May Control Our Future—Can He Be Trusted?
  • Meta Employees Vie for AI 'Token Legend' Status
  • Meta releases new model for Social Media "Muse Spark"
  • Why OpenAI's Purchase of a Big Tech Podcast Is So Sleazy
  • How Accurate Are Google's A.I. Overviews?
  • Testing suggests Google's AI Overviews tell millions of lies per hour
  • Google's AI Overviews are correct nine out of ten times, study finds
  • How A.I. Helped One Man (and His Brother) Build a $1.8 Billion Company
  • The back story behind the first "$1.8 Billion" dollar "AI Company"
  • It's Called Silicon Sampling, and It's Going to Ruin Public Opinion Polling
  • Cloudflare builds what it calls the successor to WordPress
  • JuliusBrussee/caveman:

All TWiT.tv Shows (Video LO)
Intelligent Machines 865: Mythic

All TWiT.tv Shows (Video LO)

Apr 9, 2026 146:36



Radio Leo (Video HD)
Intelligent Machines 865: Mythic

Radio Leo (Video HD)

Apr 9, 2026 146:36



ITSPmagazine | Technology. Cybersecurity. Society
From Network Evidence to Autonomous Defense: Corelight at RSAC Conference 2026 | A Brand Spotlight at RSAC Conference 2026 with Vijit Nair, VP of Product Management at Corelight

ITSPmagazine | Technology. Cybersecurity. Society

Apr 1, 2026 18:03


Vijit Nair, VP of Product Management at Corelight, joins Sean Martin on the floor of RSAC Conference 2026 for a conversation about what it takes to move security operations from AI-assisted to AI-autonomous. Corelight is the fastest-growing company in the network detection and response (NDR) space, and Nair has spent six years helping build the platform from early network monitoring to its current position as a Gartner Magic Quadrant Leader. The company's open NDR platform transforms raw network traffic into high-fidelity, unopinionated evidence -- and that evidence is now powering the next leap: agentic triage. Corelight's newly launched Agentic Triage product moves beyond the "level one" AI assistant model -- where a system answers questions but takes no action -- to a "level two" agent that actually investigates and triages alerts. It identifies the riskiest entities in an environment, collects all associated context and data, runs a full investigation cycle, and delivers a verdict with full evidence attached. Nair calls it "bringing the receipts": analysts see not just the conclusion but every step of the reasoning. Early results show a 10x increase in investigation speed and 60-70% of alerts being automatically triaged. The network is having a resurgence as an essential visibility layer, and Nair explains why: attackers have adapted to EDR. Nation-state-style campaigns like Volt Typhoon and Salt Typhoon operate in the network layer, targeting unmanaged devices, routers, firewalls, and VPNs that endpoint tools cannot see. Corelight almost always finds something in the first 30 days of a pilot deployment -- from shadow IT and shadow VPNs to active red team attacks using tools like Sliver-based C2 frameworks. On the question of SOC adoption, Nair pushes back on the assumption that hesitation comes from the top. The hunger for AI-powered tools runs from CISOs all the way down to the analysts dealing with alert overload and understaffed teams. 
A recent customer put it simply: "This is amazing. Please don't take it away from me." Nair frames the path to full autonomy as a spectrum -- from human-controlled to fully agentic -- and draws the comparison to Waymo: the journey is measured and incremental, but the destination is inevitable. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique.

Learn more: https://www.studioc60.com/creation#spotlight

GUEST
Vijit Nair, VP of Product Management, Corelight
https://www.linkedin.com/in/vijitn

RESOURCES
Corelight: https://corelight.com

KEYWORDS
Vijit Nair, Corelight, Sean Martin, network detection and response, NDR, agentic triage, AI SOC, autonomous security operations, SOC automation, network security monitoring, threat detection, AI-powered security, RSAC Conference 2026, brand spotlight, brand story, brand marketing, marketing podcast

ITSPmagazine | Technology. Cybersecurity. Society
eCrime, Threat Intelligence, and What's Coming at RSAC Conference 2026 | A Brand Spotlight at RSAC Conference 2026 with Tony Anscombe, Chief Security Evangelist of ESET

ITSPmagazine | Technology. Cybersecurity. Society

Mar 19, 2026 21:47


Tony Anscombe has attended RSA Conference since 1998 -- back when it was held at the Fairmont Hotel. That long view informs everything about how ESET approaches threat intelligence. It is not about volume. It is about accuracy, speed, and putting the right signal in front of the right team at the right moment. The ESET eCrime Ecosystem Report comes in two forms: a business-facing summary outlining current risks for leadership, and a long-form technical report for analysts -- complete with IOCs, coding examples, and structured intelligence feeds covering ransomware, crypto scams, malicious email attachments, and infostealer data. These feeds are built to plug directly into SOC workflows and firewall rules, not to create more work for already stretched teams. Tony Anscombe is direct about the quality problem in threat intelligence. Open-source feeds sound appealing -- until you factor in the analyst hours required to clean out the noise. By then, the intelligence is stale. Attacks circle the globe in hours. Near-real-time, verified intelligence is not a premium -- it is the baseline requirement. The threat detection conversation has also moved well past malware. Anscombe walks through how modern attackers often skip the payload entirely -- credential theft gets them in, then slow lateral movement and data exfiltration follow, with ransomware as the final act rather than the first signal. ESET's platform focuses on behavioral anomaly detection across the full environment, with on-site, cloud, and managed deployment options for organizations that cannot or will not go all-in on cloud architecture. At RSAC Conference 2026, ESET will be at booth 5253 in Moscone North. 
Anscombe has two sessions on the Wednesday agenda: one on supply chain blind spots -- urging security teams to engage directly with the business side to map third-party risk fully -- and a community rant session tackling four things that need to change in cybersecurity, including the cryptocurrency regulation debate. On AI, his message is measured: the real conversation at the show is not about using AI -- it is about securing it. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique.

Learn more: https://www.studioc60.com/creation#spotlight

GUEST
Tony Anscombe, Chief Security Evangelist, ESET
LinkedIn: https://www.linkedin.com/in/tonyanscombe/

RESOURCES
ESET website: https://www.eset.com
ESET threat research blog (WeLiveSecurity): https://www.welivesecurity.com
ESET at RSAC Conference 2026 -- Booth 5253, Moscone North

KEYWORDS
Tony Anscombe, ESET, Sean Martin, RSAC Conference 2026, eCrime, threat intelligence, eCrime Ecosystem Report, cybersecurity, endpoint protection, MDR, threat detection, supply chain security, AI security, ransomware, infostealer, brand spotlight, brand marketing, marketing podcast, brand story

CarahCast: Podcasts on Technology in the Public Sector
Bastille Wireless Threat Detection Podcast Series, Smartwatches

CarahCast: Podcasts on Technology in the Public Sector

Mar 19, 2026 31:40


Federal agencies and businesses face growing exposure to wireless threats as modern devices introduce new cybersecurity attack vectors that traditional security tools cannot detect or control. To mitigate consumer and enterprise risks associated with IoT devices in no-phone zones, Bastille Networks' wireless intrusion detection system identifies and quarantines unauthorized emitters and behavioral abnormalities before data breaches can occur. Explore real-world examples of how Bastille's IoT security solution proactively defends mission-critical environments from covert emissions, unapproved device behavior and Wi-Fi deauthentication attacks.

No Password Required
No Password Required Podcast Episode 70 - Madhav Nakar

No Password Required

Mar 17, 2026 36:40


Madhav Nakar — AI Security Researcher and Documentarian of Spirituality and Play

No Password Required Season 7: Episode 3 - Madhav Nakar

Madhav Nakar is a Security Researcher at BeyondTrust specializing in identity threats, endpoint security, and cloud attack paths. With a background in theoretical mathematics, his current research focuses on analyzing attacker behavior to build practical systems of detection.

In this episode, Madhav shares the pivotal moments that shaped his career, including his first experience witnessing a nation-state attack unfold in real time from his seat in a SOC. He explains how mathematical thinking sharpens security strategy and why strong research is rooted in exploration, not predetermined outcomes.

Jack Clabby of Carlton Fields, joined by co-host Kayley Melton of the Cognitive Security Institute, welcomes Madhav for a conversation on modern cyber defense. From AI-driven attacks and agentic systems to privilege escalation risks in role-based access environments, Madhav breaks down what teams are getting wrong about AI and why defending against AI increasingly requires AI-powered tools.

The conversation turns to Madhav's philosophy of "serious play," where curiosity, experimentation, and failure fuel better research and resilience. He also shares insights from his spiritual and philosophy project, The Fire of Knowing, exploring consciousness and belief through a neutral lens.

In the Lifestyle Polygraph, Madhav pitches a cybersecurity documentary, debates growth versus comfort, and reflects on public dancing experiments.

Follow Madhav Nakar here: https://www.linkedin.com/in/madhav-nakar/
Follow "The Fire of Knowing" on Instagram and YouTube!

CHAPTERS:
00:00 Introduction with Kayley and Jack
08:08 Transition from Theoretical Math to Cybersecurity
16:13 Exploring Spiritual Traditions and Madhav's Documentary
19:48 The Intersection of Art and Science in Content Creation
25:20 The Lifestyle Polygraph: Challenging Perspectives on Security


ITSPmagazine | Technology. Cybersecurity. Society
SOC Automation and the AI-Driven Future of Cybersecurity Defense | A Redefining CyberSecurity Podcast Conversation with Richard Stiennon, Chief Research Analyst of IT-Harvest

ITSPmagazine | Technology. Cybersecurity. Society

Mar 4, 2026 26:10


⬥EPISODE NOTES⬥ The security operations center has always been a battleground of volume, velocity, and human endurance. Analysts have long faced the impossible math of too many alerts, too few hours, and too much at stake. For years, the industry promised automation would change that equation -- but the technology was never quite ready to deliver. That moment, according to Richard Stiennon, has now arrived. Stiennon, Chief Research Analyst at IT-Harvest, has spent two decades tracking every corner of the cybersecurity vendor landscape. His data now shows more than 61 net-new SOC automation vendors -- companies that did not exist a few years ago -- built from the ground up to replace the work of tier-one, tier-two, and tier-three analysts. Some of these vendors launched in January 2024 and reached $1 million in ARR by April. By the end of 2025, several were reporting $3 million ARR. These are not incremental improvements. They represent a structural shift in how security operations can be run. What makes this generation of SOC automation different from earlier SIEM and SOAR tooling is scope and autonomy. The value proposition is blunt: 100% alert triage, 24 hours a day, 7 days a week -- with automated case building, threat investigation, and response actions including machine isolation and reimaging. Stiennon points to a CISO he met, speaking under Chatham House rules, who disclosed that a large enterprise had already eliminated its entire human SOC team. He predicts that disclosure will go public before long. The conversation also explores the business context question that security leaders frequently wrestle with: are these AI-driven SOC tools operating with a narrow cyber mandate, potentially optimizing for security metrics at the expense of business continuity? 
Stiennon pushes back on that concern, arguing that large language models are already trained on the full breadth of human knowledge -- they understand business context at a level that exceeds most organizations' internal documentation. The more pressing risk, he suggests, is not that AI will act outside business intent, but that organizations will move too slowly to benefit. Waiting six months for a proof-of-concept report while spending a million dollars on human SOC operations is not due diligence -- it is opportunity cost. The conversation also touches on data privacy in AI-driven security, the role of federated learning and fully homomorphic encryption for compliance-sensitive environments, and what security leaders can do today to evaluate and accelerate their own adoption timeline. Stiennon will be at RSA Conference 2026 with his new book, Guardians of the Machine Age: Why AI Security Will Define Digital Defense, continuing to make the case for a field that is moving faster than most organizations are prepared to acknowledge. 
⬥GUEST⬥
Richard Stiennon, Chief Research Analyst at IT-Harvest | Website: https://it-harvest.com/
On LinkedIn: https://www.linkedin.com/in/stiennon/

⬥HOST⬥
Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/

⬥RESOURCES⬥
IT-Harvest | https://it-harvest.com/
Richard Stiennon on LinkedIn | https://www.linkedin.com/in/stiennon/
Guardians of the Machine Age: Why AI Security Will Define Digital Defense (Richard Stiennon) | Available via IT-Harvest and major booksellers
RSAC Conference 2026 Coverage on ITSPmagazine | https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage
The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/
More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast
Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq

⬥ADDITIONAL INFORMATION⬥
On Podcast: https://www.seanmartin.com/redefining-cybersecurity-podcast
On YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
Newsletter: https://itspm.ag/future-of-cybersecurity
Contact Sean: https://www.seanmartin.com/

⬥KEYWORDS⬥
richard stiennon, it-harvest, sean martin, soc automation, ai security, security operations center, threat detection, autonomous response, alert triage, security operations, cybersecurity vendors, ai agents, large language models, federated learning, siem, soar, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast

Redefining CyberSecurity
SOC Automation and the AI-Driven Future of Cybersecurity Defense | A Redefining CyberSecurity Podcast Conversation with Richard Stiennon, Chief Research Analyst of IT-Harvest

Redefining CyberSecurity

Mar 4, 2026 26:10



Darn IT Podcast
Silent Breach: How Hackers Hide in Your Business Network

Darn IT Podcast

Mar 4, 2026 20:54


If your business was hacked today, would you know? Most companies discover cyber breaches 7 months after attackers infiltrate their networks. That's 207 days of undetected network intrusion, data theft, and security compromise.

In this cybersecurity information episode, Darnley reveals why silent data breaches happen, shares personal experience, and explains how hackers remain undetected in business networks and what signs indicate your company may already be compromised.

Learn about:
  • Average breach detection time and why dwell time matters for business security
  • How cybercriminals use stealth tactics to evade network security tools
  • Real-world data breach examples: Target, Equifax, and Marriott hotel breach cases
  • Warning signs of network compromise most IT security teams miss
  • Threat detection strategies to identify cyber attacks before massive data loss
  • Incident response planning and cybersecurity monitoring best practices

Discover how to detect network intrusions faster, reduce breach dwell time, and protect your business from silent cyber attacks. Whether you're a small business owner, IT professional, or security manager, this episode provides actionable cybersecurity advice.

The silent breach is only silent if you're not listening. Learn how to protect your business network today.

Cloud Security Podcast by Google
EP263 SOC Refurbishing: Why New Tools Won't Fix Broken Processes (Even With AI)

Cloud Security Podcast by Google

Feb 16, 2026 32:34


Guest: Daniel Lyman, VP of Threat Detection and Response, Fiserv

Topics:
  • What is the right way for people to bridge the gap and translate executive dreams and board goals into the reality of life on the ground?
  • How do we talk to people who think they have "transformed" their SOC simply by buying a better, shinier product (like a modern SIEM) while leaving their old processes intact?
  • What are the specific challenges and advantages you've seen with a federated SOC versus a centralized one?
  • What does a "federated" or "sub-SOC" model actually mean in practice?
  • Why is the message that "EDR doesn't cover everything" so hard for some people to hear?
  • Is this obsession with EDR a business decision or technology debt?
  • How do you expect AI to change the calculus around data centralization versus data federation?
  • What is your favorite example of telemetry that is useful, but usually excluded from a SIEM?
  • What are the Detection and Response organizational metrics that you think are most valuable?
  • Is the continued use of Excel an issue of tooling, laziness, or just because it is a fundamentally good way to interact with a small database?

Resources:
  • Video version
  • "In My Time of Dying" book
  • EP258 Why Your Security Strategy Needs an Immune System, Not a Fortress with Royal Hansen
  • EP197 SIEM (Decoupled or Not), and Security Data Lakes: A Google SecOps Perspective
  • The Gravity of Process: Why New Tech Never Fixes Broken Process and Can AI Change It? blog

ITSPmagazine | Technology. Cybersecurity. Society
Building Community Around the AI SOC Revolution | A Brand Spotlight Conversation with Monzy Merza, Co-Founder and CEO of Crogl | AI SOC Summit 2026

ITSPmagazine | Technology. Cybersecurity. Society

Feb 12, 2026 17:56


What happens when the security community stops debating whether AI belongs in the SOC and starts figuring out how to make it work? Monzy Merza, Co-Founder and CEO of Crogl, is helping answer that question, both through the autonomous AI SOC agent his company builds and through the inaugural AI SOC Summit, a community event designed to bring practitioners together for honest, no-nonsense conversation about what is real and what is hype in AI-driven security operations.Crogl builds what Merza describes as a "superhero suit" for SOC analysts. The platform investigates every alert in depth, working across multiple data lakes without requiring data normalization, and escalates only the issues that require human judgment. But the conversation here goes beyond any single product. Merza explains that the motivation for creating the AI SOC Summit came directly from community feedback. Security teams across enterprises are trying to determine what to buy, what to build, and how to govern AI in their environments, and they need a transparent, practical space to share those experiences.How are threat actors changing the game with agentic AI? Merza points to two critical shifts. First, adversaries are now conducting campaigns using agentic systems, which means defenders need to operate at the same speed. Second, the barrier to entry for sophisticated attacks has dropped significantly because agentic systems handle much of the technical detail, from crafting convincing phishing emails to automating post-exploitation activity. The implication is clear: security teams that do not adopt AI-driven capabilities risk falling behind attackers who already have.The AI SOC Summit, hosted March 3rd at the Hyatt Regency in Tysons, Virginia, is structured to serve the practitioners who are doing the daily work of security operations. The morning features keynotes from CISOs sharing what is working and what is not, along with perspectives on AI governance and privacy. 
The afternoon splits into two tracks: talk sessions from startups and established companies, and a five-and-a-half-hour hackathon where attendees get free access to frontier AI models and tools to experiment hands-on with real security data.Who should attend the AI SOC Summit? Merza identifies four key personas. SOC analysts at every tier who are buried in alert triage. Security engineers deploying AI-driven and traditional tools who want to see how other enterprises are rationalizing their investments. Incident responders and threat hunters who need to understand how to track agentic activity rather than just human activity. And builders, the security teams prototyping and testing AI capabilities in-house, who want to learn from what others have tried, what has failed, and what constraints can be overcome.What sets this event apart from the typical conference experience? The AI SOC Summit is intentionally vendor-agnostic. Sponsors range from reseller partners serving government organizations to household names like Splunk and Cribl, but the focus stays on community learning rather than product pitches. Many organizations still restrict employee access to frontier models and agentic systems, and the summit provides a space where attendees can kick the tires on these technologies without worrying about tooling costs or corporate restrictions. The goal is for every participant to leave with something practical they can take back and apply to their work immediately.This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. 
Learn more: https://www.studioc60.com/creation#spotlight
Guest: Monzy Merza, Co-Founder and CEO, Crogl [@monzymerza on X] https://www.linkedin.com/in/monzymerza
Resources:
Crogl: https://www.crogl.com
AI SOC Summit: https://www.aisocsummit.com/

Redefining CyberSecurity
Building Community Around the AI SOC Revolution | A Brand Spotlight Conversation with Monzy Merza, Co-Founder and CEO of Crogl | AI SOC Summit 2026

Redefining CyberSecurity

Feb 12, 2026 17:56



The Future of ERP
Episode 80: Who Owns What? Clarifying IAM Roles in Cloud ERP with Infosys

The Future of ERP

Feb 4, 2026 14:00


Discover how identity and access management (IAM) is reshaping cybersecurity in cloud ERP, enabling businesses to be safer, faster, and more compliant with clarity in roles and responsibilities.
In this insightful episode of the Future of ERP podcast, Aditya Thakurdesai from Infosys dives deep into the vital topic of identity and access management (IAM) in cloud ERP environments. He explains why understanding "who owns what" in IAM is non-negotiable to ensure security, compliance, and operational efficiency amid today's complex hybrid IT infrastructures. Aditya shares compelling customer stories, from a global pharmaceutical company safeguarding sensitive research data to a large retailer accelerating seasonal workforce onboarding, highlighting how the shared responsibility model brings clarity and confidence in managing cloud security. The discussion further explores how AI is revolutionizing IAM, with intelligent threat detection, adaptive access control, and proactive governance transforming traditional security roles. This episode is a must-listen for any business navigating cloud security risks and looking to leverage AI for smarter, faster, and safer ERP management. Tune in and learn how to stay ahead in the evolving cybersecurity landscape.
Useful Links:
Learn how the shared responsibility model for SAP Cloud ERP Private defines roles, streamlines operations, and improves security and compliance: Operate your cloud ERP with confidence and control
SAP Cloud ERP
Infosys
Guest: Aditya Thakurdesai, Director – Enterprise Security, Infosys
Aditya is a seasoned SAP Security and GRC professional, currently serving as Director – Enterprise Security at Infosys. With nearly two decades of experience, he has delivered transformative security solutions that seamlessly integrate deep domain expertise with emerging technologies. In his current role, Aditya heads the Manufacturing and Communications, Media & Technology segments within Infosys' Enterprise Risk Management Services group. He also drives strategic Centre of Excellence initiatives focused on security transformation, intelligent automation, and AI innovation. His current passion lies in Agentic AI, where he has developed pioneering solutions that introduce new levels of agility, compliance, and scalability to enterprise security operations.
Host 1: Richard Howells, SAP
Richard Howells has been working in the Supply Chain Management and Manufacturing space for over 30 years. He is responsible for driving the thought leadership and awareness of SAP's ERP, Finance, and Supply Chain solutions and is an active writer, podcaster, and thought leader on the topics of supply chain, Industry 4.0, digitization, and sustainability.
Follow Richard Howells on LinkedIn and X
Host 2: Oyku Ilgar, SAP
Oyku Ilgar is a marketer and thought leader specializing in SAP's digital supply chain and ERP solutions since 2017. As a marketer, blogger, and podcaster, she creates engaging content that highlights innovative SAP technologies and explores key topics including business trends, AI, Industry 4.0, and sustainability.
She holds dual bachelor's degrees in Finance & Accounting and English Translation, along with a master's degree in Business Administration and Foreign Trade, specializing in marketing. With her background in digital transformation, Oyku communicates technology trends and industry insights to help professionals navigate the evolving business landscape.
Oyku's LinkedIn and SAP Community
Key Topics: Identity Management, Access Management, Cloud ERP, Shared Responsibility, Compliance, Security, Artificial Intelligence, AI, Threat Detection, Case Studies

No Password Required
No Password Required Podcast Episode 68 — Rob Hughes

No Password Required

Jan 20, 2026 44:51


Rob Hughes — CISO at RSA and Champion of a Passwordless Future
No Password Required Season 7: Episode 1 - Rob Hughes
Rob Hughes, the CISO at RSA, has more than 25 years of experience leading security and cloud infrastructure teams. In this episode, he reflects on his unconventional career path, from co-founding the original Geek.com and serving as its Chief Technologist during the early days of the internet, to leading security and systems design at Philips Home Monitoring.
Jack Clabby of Carlton Fields, P.A. and Kayley Melton welcome Rob for a wide-ranging conversation on identity, leadership, and the realities of modern cybersecurity. Rob currently leads RSA's Security and Risk Office, overseeing cybersecurity, information security governance, and risk across both RSA's products and corporate environment.
Rob explains his dream for a passwordless future. He unpacks why passwords remain one of the largest sources of cyber risk, how real-world incidents and password-spraying attacks have accelerated change, and why phishing-resistant technologies like passkeys may finally be reaching a tipping point.
The episode wraps with the Lifestyle Polygraph, where Rob lightens the conversation with stories about gaming with his kids, underrated horror films, and classic cars.
Follow Rob on LinkedIn: https://www.linkedin.com/in/robert-hughes-816067a4/
Chapters:
00:00 Introduction to No Password Required
01:43 Meet Rob Hughes, CISO at RSA
02:05 The Role of a CISO in a Security Company
05:09 Transitioning to the CISO Role
08:00 The Early Days of Geek.com
12:14 Launching a Startup During the Dot Com Boom
14:30 The Push for a Passwordless Future
18:21 Tipping Point for Passwordless Adoption
20:20 Ongoing Learning in Cybersecurity
26:09 Managing Stress in High-Pressure Environments
33:46 The Lifestyle Polygraph Begins
34:15 Career Insights in Cybersecurity
36:08 Dream Cars and Personal Preferences
39:58 Underrated Horror Films
41:19 Creating a Cybersecurity Monster

The IT Pro Podcast
The future of threat detection

The IT Pro Podcast

Dec 19, 2025 22:46


Cybersecurity teams are facing a double-edged sword of challenges and opportunities. On the one hand, AI tools offer a great deal of autonomous working and the promise of automating some of the more laborious tasks that a cybersecurity team has to undertake.
On the other hand, attackers are also using AI to launch large-scale attacks such as sophisticated phishing campaigns and identity theft. To fight this threat, cybersecurity teams will need to unify data like never before and take advantage of as many new technologies and processes as they can.
How can they go about this? And what does a unified cybersecurity strategy really look like in 2026?
In this episode, Rory is joined by Mandy Andress, chief information security officer at Elastic, to explore how businesses can evolve their threat detection and security posture, as well as how AI is lowering the barrier to entry for attackers.
Read more:
In the age of AI threats, the future of security is unified
AI-generated code is now the cause of one-in-five breaches – but developers and security leaders alike are convinced the technology will come good eventually
AI-generated code risks: What CISOs need to know
Agentic AI carries huge implications for security teams - here's what leaders should know
The NCSC touts honeypots and 'cyber deception' tactics as the key to combating hackers — but they could 'lead to a false sense of security'

The Cybersecurity Defenders Podcast
#275 - Defender Fridays: Polymorphic Panic - Debunking the AI Malware Myth with Randy Pargman from Proofpoint

The Cybersecurity Defenders Podcast

Dec 12, 2025 32:35


Join us for this week's Defender Fridays as we explore the reality of AI-powered malware threats with Randy Pargman, Senior Director of Threat Detection at Proofpoint.
At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
In this episode, Randy challenges the hype around AI-powered polymorphic malware and examines how threat actors actually operate in practice. He discusses why defenders should focus on real-world threats rather than theoretical sophisticated attacks.
Key Topics:
The gap between AI malware hype and practical reality
Why threat actors prefer simple, effective methods over sophisticated techniques
The prevalence of legitimate RMM tools in modern attacks
Building practical detection strategies for actual threats
Lessons from physical security that apply to cybersecurity defense
Randy Pargman is Senior Director of Threat Detection at Proofpoint, where he leads detection engineering, sandbox development, and threat actor tracking initiatives.
Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience. Register here: https://limacharlie.io/defender-fridays
Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!
This episode is brought to you by LimaCharlie, the world's first SecOps Cloud Platform (SCP). Build and customize your security stack like "lego blocks" with our flexible, API-first solution.
Eliminate vendor sprawl and tool complexity
Deploy and scale effortlessly on native multi-tenant architecture
Reduce costs with intelligent data routing and free 1-year retention
Build custom solutions with 100+ security capabilities on-demand
Improve response times with automation and real-time capabilities
Try the SecOps Cloud Platform free: https://limacharlie.io
Host: Maxime Lamothe-Brassard - Founder at LimaCharlie

Closers Are Losers with Jeremy Miner
Why Influence Decides Every Sale with René Rodriguez

Closers Are Losers with Jeremy Miner

Dec 10, 2025 46:55


Many salespeople lose the deal long before they speak, because the brain decides whether to trust you in seconds. In this episode of The Next Level Podcast, Jeremy Miner talks with René Rodriguez, bestselling author, keynote speaker, and expert in applying behavioral neuroscience to real-world sales situations. René explains why 93% of communication happens before the words leave your mouth, how tonality and body language trigger either safety or resistance in the brain, and how elite salespeople use framing, storytelling, and emotional tie-downs to guide a prospect's thinking without pressure. If you want to master human behavior, prevent objections before they happen, and sell the way the brain naturally buys, this conversation covers it all.
Chapters:
(00:00) Introduction
(02:10) René's Background in Neuroscience and Selling Change
(07:26) How the Brain Makes Decisions (and Why Buyers Resist Change)
(11:00) Tonality, Threat Detection, and the 93% Rule
(14:52) Body Language, Congruency, and Subconscious Cues
(20:11) How Elite Salespeople Prevent Objections (Not Handle Them)
(26:12) Storytelling, Framing, and the Tie-Down Formula
(33:58) Using Hand Gestures, Tone, and Presence to Increase Trust
Connect with René
Instagram: https://www.instagram.com/learnwithrene/
Website: https://www.meetrene.com/
Amplify Your Influence Book: https://www.amplifybook.com
Got a question about sales, persuasion, or objection handling? Text me directly: +1-480-481-6755
Join the 7th Level University: https://whop.com/discover/7thlevel/
Join the waitlist for the Ask Jeremy 7q.AI: https://7q.ai/waitlist
Join the 7th Level Sales Team: https://hardlyselling.hirebus-careers.com/closer-7th-level
The exact NEPQ script I used to earn $2.4M/year as a W-2 sales rep: https://nepqtraining.com/smv-yt-splt-opt-org
Prefer to understand the psychology behind NEPQ first? Grab The New Model of Selling: Selling to an Unsellable Generation on Amazon: https://www.amazon.com/dp/1636980112
Book a call with my team: https://7thlevelhq.com/book-demo/
Connect with Jeremy Miner
YouTube: https://www.youtube.com/@jeremeyminer
Instagram: https://www.instagram.com/jeremyleeminer/
LinkedIn: https://www.linkedin.com/in/jeremyleeminer/
Facebook: https://www.facebook.com/jeremy.miner.52

Closers Are Losers with Jeremy Miner
The Psychology of Influence & How To Win Every Sale with René Rodriguez | EP 399

Closers Are Losers with Jeremy Miner

Dec 10, 2025 46:56



mnemonic security podcast
Present and Future of MDR

mnemonic security podcast

Dec 1, 2025 54:33


What is the future of MDR?
In this episode of the mnemonic security podcast, Robby is joined by Migjen Hakaj from mnemonic's Innovation & Emerging Technologies Department and Amine Besson, who wears many hats, including Detection Engineering & Threat Hunting SIG Chair at FIRST, Detection Engineering Tech Lead at the European Commission, and Threat Detection & Response Expert at the EU CyberNet.
They've joined forces, pooling their extensive experience with security monitoring, and published a popular three-part blog series on what Managed Detection and Response (MDR) really is on a deep level, where they examine the past, present, and future challenges within the field.
In their conversation they talk about the evolution of the SOC space, what main forms of security operations they are seeing today, and why they believe the SOC needs to change.
They also explain why it's hard to define what MDR really is today, the main value proposition of MDR providers, and what the next big differentiators for MDR providers will be. They also discuss the ways they've seen the industry mature over the last few years, where the industry needs radical change, and where AI SOC has a place and where its main challenges lie.
Interested in more? Visit their blog series:
The Present and Future of Managed Detection and Response: https://detect.fyi/the-present-and-future-of-managed-detection-and-response-01a72088e6f6
The missing link in MDR. Spoiler, it starts with a Detection Engineering framework: https://detect.fyi/the-missing-link-in-mdr-spoiler-it-starts-with-a-detection-engineering-framework-5f836347c92f
Beyond Detections: Scaling Analysis & Response to keep MDR relevant: https://detect.fyi/beyond-detections-scaling-analysis-response-to-keep-mdr-relevant-592285d0fd25

Trust Issues
EP 17 - Privilege creep and the machine identity surge: Securing the modern enterprise

Trust Issues

Oct 9, 2025 49:57


In this episode of Security Matters, Chris Schueler, CEO of Cyderes, joins host David Puner for a dive into the evolving challenges of enterprise security. The conversation explores the dangers of privilege creep, the explosion of machine identities, and why accountability at every point of interaction is essential for building resilient teams and systems. Chris shares insights on the risks of unmanaged access, the impact of AI and automation on both defense and attack strategies, and practical advice for CISOs and boards on managing identity risk while enabling business transformation. Whether you're a security leader, practitioner, or simply interested in the future of cybersecurity, this episode delivers actionable guidance and fresh perspectives on safeguarding your organization's reputation, continuity, and trust.

Colorado = Security Podcast
279 - 10/6 - Greg Foss, Manager - Threat Detection @ Datadog

Colorado = Security Podcast

Oct 6, 2025 83:10


Our featured guest this week is Greg Foss, Manager - Threat Detection @ Datadog, interviewed by Frank Victory. News from Echostar, Space Command, DenAI Summit, CU Boulder, Webroot, Red Canary, Zvelo, Optiv, Ping Identity, and a lot more!
You can find Greg and Frank at the following events if you'd like to see them in person:
Greg:
Lunch keynote at the CSA Fall Summit 2025 October 29th
Frank:
BSides Colorado Springs - "Pyramid of Pain - Defenders Edition" October 25th
SnowFROC 2026 - March 26 and 27
University of Michigan CyberSecurity Symposium - Challenges of Training the Next Generation of Cybersecurity Professionals - October 30th
Come join us on the Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com
This week's news:
EchoStar unloads wireless spectrum to Musk's SpaceX for $17 billion
Will Colorado lose 30,000 jobs when Space Command moves to Alabama?
CU Boulder ranked No. 1 for launching startups based on university discoveries
Guarding your family against the latest online threats
Node problem: Tracking recent npm package compromises
SaaS Risk Management for Vendors in the Age of AI
Cybersecurity Capabilities for Maturing Your TPRM Programs
Complying with NIST SP 800-63-4 Standards: Identity as the Roadmap
Redefining incident response in the age of AI
Upcoming Events:
Check out the full calendar
ISSA Denver - Denver ISSA Chapter Meeting at Secure World: How I Got Caught: A Deep Dive Into a 800K Fraud - 10/9
ISACA Denver - October Chapter Meeting - 10/16
ASIS Denver - ASIS ROCKY MOUNTAIN TRADE SHOW and NETWORKING - 10/21
ISSA Pikes Peak - Chapter Meeting - 10/22
CSA - CSA Fall Summit - 10/29
View our events page for a full list of upcoming events
* Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here.
* Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

The Free Lawyer
The Best Strategies for Lawyers to Manage Stress and Cultivate Fulfillment #354

The Free Lawyer

Sep 25, 2025 41:18


In this episode of "The Free Lawyer," host Gary interviews neuro coach and Neuro Savvy founder Keshawn Hughes. Drawing from her own experience with burnout, Keshawn shares how neuroscience-based coaching can help lawyers and other professionals manage stress, improve leadership, and foster healthier workplace cultures. The conversation covers practical tools like the SCARF model, breathwork, and visualization, emphasizing self-awareness, intentional breaks, and connection. Keshawn encourages listeners to find fulfillment beyond competition and perfectionism, while Gary highlights the importance of collaboration and self-care for a more rewarding legal career.
Keshawn Hughes, M.S. is a NeuroLeadership Strategist, Executive Coach, and Founder of NeuroSavvy® Leadership, a Women's Business Enterprise National Council (WBENC)- and Women-Owned Small Business-certified firm transforming workplaces through brain science and authentic leadership. With two decades of experience guiding global brands, Keshawn integrates neuroscience, communication, and business strategy to help corporations improve employee productivity, retention, and engagement.
Known for her ability to make complex brain science deeply practical, Keshawn equips HR and Tech leaders with proven strategies to enhance well-being, fuel performance, and develop cultures of high-impact leadership. She is certified by the International Coaching Federation (ICF) and actively involved with the Society for Human Resource Management (SHRM) and the Association for Talent Development (ATD).
Based in Atlanta, Georgia, Keshawn lives with her husband and daughter, and brings heart, clarity, and bold insights to every stage she steps on.
Here is her free Breakout from Burnout Guide: https://keshawnhughes.com/breakout-from-burnout-guide
Keshawn's Background and Burnout Journey (00:00:54)
What is Neuro Coaching? (00:04:16)
Neuroscience for Managing Lawyer Stress (00:06:24)
Keshawn's Personal Burnout Story (00:10:00)
Why Lawyers Struggle with Communication and Leadership (00:13:14)
The SCARF Model and the "SCARF Trap" (00:16:43)
SCARF in Law Firms: Competition and Perfectionism (00:17:57)
Threat Detection and Decision-Making Under Stress (00:22:19)
Applying Neuroscience to Difficult Interactions (00:23:51)
Practical Tools: Nature, Breathwork, and Box Breathing (00:26:38)
Visualization and the Brain (00:29:42)
Connect Before You Correct: Feedback and Delegation (00:31:40)
Building Trust and Overcoming Micromanagement (00:34:27)
Finding Fulfillment and Mindfulness Practices (00:37:13)
Would you like to learn more about Breaking Free or order your copy? https://www.garymiles.net/break-free
Would you like to schedule a complimentary discovery call? You can do so here: https://calendly.com/garymiles-successcoach/one-one-discovery-call

Pass the Salt Live
CONTACT CHRISTIANITY | 9-4-2025

Pass the Salt Live

Sep 4, 2025 59:41


Show #2488 Show Notes:
New Israeli AI “Threat Detection”: https://www.youtube.com/watch?v=Fh4r3E1MB0k
Your gift isn’t for you: https://www.youtube.com/shorts/HEzbz5ePTTc
Nick Sabin’s Greatest Hits: https://www.instagram.com/reel/DLVOJsgMmuC/
Righteous Hunter by John Rich: https://www.facebook.com/reel/24360728816930286
Coach’s Latest Commentary – Christianity is a Contact Sport: https://coachdavelive.com/articles/christianity-is-a-contact-sport
Psalm 78: https://www.biblegateway.com/passage/?search=psalm%2078&version=KJV
Matthew 11: https://www.biblegateway.com/passage/?search=Matthew%2011&version=KJV
Centerfield – John Fogerty: https://www.youtube.com/watch?v=nOwPr6kGHRE&list=RDnOwPr6kGHRE&start_radio=1

Cloud Security Podcast by Google
EP241 From Black Box to Building Blocks: More Modern Detection Engineering Lessons from Google

Cloud Security Podcast by Google

Sep 1, 2025 31:33


Guest: Rick Correa, Uber TL Google SecOps, Google Cloud
Topics:
On the 3rd anniversary of Curated Detections, you've grown from 70 rules to over 4700. Can you walk us through that journey? What were some of the key inflection points and what have been the biggest lessons learned in scaling a detection portfolio so massively?
Historically the SecOps Curated Detection content was opaque, which led to, understandably, a bit of customer friction. We've recently made nearly all of that content transparent and editable by users. What were the challenges in that transition?
You make a distinction between "Detection-as-Code" and a more mature "Software Engineering" paradigm. What gets better for a security team when they move beyond just version control and a CI/CD pipeline and start incorporating things like unit testing, readability reviews, and performance testing for their detections?
The idea of a "Goldilocks Zone" for detections is intriguing – not too many, not too few. How do you find that balance, and what are the metrics that matter when measuring the effectiveness of a detection program? You mentioned customer feedback is important, but a confusion matrix isn't possible, why is that?
You talk about enabling customers to use your "building blocks" to create their own detections. Can you give us a practical example of how a customer might use a building block for something like detecting VPN and Tor traffic to augment their security?
You have started using LLMs for reviewing the explainability of human-generated metadata. Can you expand on that? What have you found are the ripe areas for AI in detection engineering, and can you share any anecdotes of where AI has succeeded and where it has failed?
Resources:
EP197 SIEM (Decoupled or Not), and Security Data Lakes: A Google SecOps Perspective
EP231 Beyond the Buzzword: Practical Detection as Code in the Enterprise
EP181 Detection Engineering Deep Dive: From Career Paths to Scaling SOC Teams
EP139 What is Chronicle? Beyond XDR and into the Next Generation of Security Operations
EP123 The Good, the Bad, and the Epic of Threat Detection at Scale with Panther
“Back to Cooking: Detection Engineer vs Detection Consumer, Again?” blog
“On Trust and Transparency in Detection” blog
“Detection Engineering Weekly” newsletter
“Practical Threat Detection Engineering” book

Joey Pinz Discipline Conversations
#719 ChannelCon-Nadav Shenker: From SCUBA to Secure Email: A CEO's Refreshing Take on Cyber

Joey Pinz Discipline Conversations

Play Episode Listen Later Aug 27, 2025 39:37 Transcription Available


In this refreshingly candid episode of the Joey Pinz Discipline Conversations podcast, Joey dives deep with Nadav Shenker, CEO of Vircom, a leading provider of email security solutions.

Autonomous IT
CISO IT — Hacker Summer Camp 2025: A Recap of Black Hat & DEF CON, E19

Autonomous IT

Play Episode Listen Later Aug 14, 2025 6:17


Join Automox CISO and SVP of Product Jason Kikta for a recap of Black Hat and DEF CON 2025. In this episode, Jason shares his take on the conversation around AI in cybersecurity shifting from hype to practical tools for defenders. Hear why integrating AI into your CI/CD pipeline, alert triage, and vulnerability management could be a game changer, plus thoughts on choosing the right security events for your personality and goals. Whether you're a conference veteran or a curious first-timer, this episode offers insights, humor, and encouragement to get more involved in the security community.

Found In The Rockies
Chris Peterson (Radicl) // Building Military-Grade Cybersecurity for SMBs

Found In The Rockies

Play Episode Listen Later Aug 6, 2025 46:45


Summary: In today's episode, Les speaks with Chris Peterson, co-founder and CEO of Radicl, and a pioneer in cybersecurity innovation. Chris shares his inspiring journey from early days at Price Waterhouse to co-founding LogRhythm, and now leading Radicl - a company on a mission to bring military-grade cybersecurity to small and medium-sized businesses (SMBs), especially those in the defense industrial base (DIB). With humility, vision, and deep industry experience, Chris talks about the challenges of cybersecurity for SMBs, the promise of AI in threat detection, and the principles that drive Radicl's product and culture.

Here's a closer look at the episode:

1. Chris's Cybersecurity Roots
• Grew up curious and mischievous - early hacking instincts emerged from pushing boundaries.
• First tech job at Price Waterhouse, where he was inspired by early internet penetration testing.
• Mentored by pioneers like George Kurtz (founder of CrowdStrike) and Ron Gula.
• Early work included database security assessments and automated audit tools.

2. Building LogRhythm
• Co-founded LogRhythm after stints at Counterpane and Tenable.
• Bootstrapped early development by selling his home and self-funding the venture.
• Partnered with Phil Villella (nuclear physicist) and Andy Grolnick (CEO) to scale the company.
• Lessons from early days: founder commitment, frugality, focus on product-market fit.
• LogRhythm grew to 500 employees before exiting via private equity in 2018.

3. The Genesis of Radicl
• Founded Radicl to address cybersecurity gaps in SMBs within the defense supply chain.
• Inspired by the SolarWinds hack and national security threats.
• Assembled a founding team including his brother Matt and a former fighter pilot.
• Mission: protect under-defended SMBs in DIB against industrial espionage.

4. The Opportunity and Market Need
• DIB SMBs are often unable to afford or operate traditional cybersecurity solutions.
• Barriers include tight margins, complex compliance (e.g. CMMC), and lack of in-house talent.
• Advances in cloud, automation, and AI now make affordable, scalable solutions viable.
• Radicl addresses both compliance operations and 24/7 security operations via software + human hybrid model.

5. Radicl's Product and Platform
• Delivers “virtual SOC” capabilities—blending human expertise with AI and automation.
• Handles CMMC readiness, threat detection, incident response, and vulnerability management.
• Designed for transparency: customers can engage with Radicl's ops team in-platform.
• AI-driven agents are increasingly being introduced to reduce cost and improve response times.

6. Looking Ahead
• Preparing for a Series A raise in the next 4–6 months to accelerate R&D investment.
• Focused on doubling down on AI innovation and expanding platform features.
• Vision: democratize advanced cybersecurity for SMBs while delivering elite protection to the DIB.
• Chris aims to balance company building with family, health, and meditation—striving for better life integration as a second-time founder.

Resources:
• Website: RADICL https://www.linkedin.com/company/radicl-defense/ https://radicl.com/
• Chris Peterson https://www.linkedin.com/in/chrispetersen1/ https://radicl.com/bio-chris-petersen

ITSPmagazine | Technology. Cybersecurity. Society
Making Honeypots Useful Again: Identity Security, Deception, and the Art of Detection | A Conversation with Sean Metcalf | Redefining CyberSecurity with Sean Martin

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jul 30, 2025 31:48


⬥GUEST⬥
Sean Metcalf, Identity Security Architect at TrustedSec | On LinkedIn: https://www.linkedin.com/in/seanmmetcalf/

⬥HOST⬥
Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com

⬥EPISODE NOTES⬥
Sean Metcalf, a frequent speaker at conferences like Black Hat, DEF CON, and RSAC, brings a sharp focus to identity security—especially within Microsoft environments like Active Directory and Entra ID. In this episode, he walks through the practical and tactical role of honeypots and deception in detecting intrusions early and with higher fidelity.

While traditional detection tools often aim for broad coverage, honeypots flip the script by offering precise signal amidst the noise. Metcalf discusses how defenders can take advantage of the attacker's need to enumerate systems and accounts after gaining access. That need becomes an opportunity to embed traps—accounts or assets that should never be touched unless someone is doing something suspicious.

One core recommendation: repurpose old service accounts with long-lived passwords and believable naming conventions. These make excellent bait for Kerberoasting attempts, especially when paired with service principal names (SPNs) that mimic actual applications. Metcalf outlines how even subtle design choices—like naming conventions that fit organizational patterns—can make a honeypot more convincing and effective.

He also draws a distinction between honeypots and deception technologies. While honeypots often consist of a few well-placed traps, deception platforms offer full-scale phantom environments. Regardless of approach, the goal remains the same: attackers shouldn't be able to move around your environment without tripping over something that alerts the defender.

Importantly, Metcalf emphasizes that alerts triggered by honeypots are high-value. Since no legitimate user should interact with them, they provide early warning with low false positives. He also addresses the internal politics of deploying these traps, from coordinating with IT operations to ensuring SOC teams have the right procedures in place to respond effectively.

Whether you're running a high-end deception platform or just deploying free tokens and traps, the message is clear: identity is the new perimeter, and a few strategic tripwires could mean the difference between breach detection and breach denial.

⬥SPONSORS⬥
LevelBlue: https://itspm.ag/attcybersecurity-3jdk3
ThreatLocker: https://itspm.ag/threatlocker-r974

⬥RESOURCES⬥
Inspiring Post: https://www.linkedin.com/posts/activity-7353806074694541313-xzQl/
Article: The Art of the Honeypot Account: Making the Unusual Look Normal: https://www.hub.trimarcsecurity.com/post/the-art-of-the-honeypot-account-making-the-unusual-look-normal
Article: Trimarc Research: Detecting Kerberoasting Activity: https://www.hub.trimarcsecurity.com/post/trimarc-research-detecting-kerberoasting-activity
Article: Detecting Password Spraying with Security Event Auditing: https://www.hub.trimarcsecurity.com/post/trimarc-research-detecting-password-spraying-with-security-event-auditing

ITSPmagazine | Technology. Cybersecurity. Society
ThreatLocker to Unveil Game-Changing Zero Trust Innovations at Black Hat 2025 | Visit Them at Booth #1933 | A ThreatLocker Pre-Event Coverage of Black Hat USA 2025 Las Vegas | Brand Story with John Lilliston

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jul 29, 2025 17:51


Join ITSP Magazine's Marco Ciappelli and Sean Martin as they preview ThreatLocker's exciting Black Hat 2025 presence with Detect Product Director John Lilliston. Discover upcoming major announcements, hands-on hacking demos, and how ThreatLocker's default deny approach is revolutionizing enterprise cybersecurity through comprehensive zero trust implementation.

As Black Hat USA 2025 approaches, cybersecurity professionals are gearing up for one of the industry's most anticipated events. ITSP Magazine's Marco Ciappelli and Sean Martin recently sat down with John Lilliston, ThreatLocker's Detect Product Director, to preview what promises to be an exciting showcase of zero trust innovation at booth 1933.

ThreatLocker has become synonymous with the "default deny" security approach, a philosophy that fundamentally changes how organizations protect their digital assets. Unlike traditional security models that allow by default and block known threats, ThreatLocker's approach denies everything by default and allows only approved applications, network communications, and storage operations. This comprehensive strategy operates across application, network, and storage levels, creating what Lilliston describes as a "hardened system that stops adversaries in their tracks."

The company's rapid growth reflects the industry's embrace of zero trust principles, moving beyond buzzword status to practical, enterprise-ready solutions. Lilliston, who joined ThreatLocker in February after evaluating their products from the enterprise side, emphasizes how the platform's learning mode and ring fencing capabilities set it apart from competitors in the application control space.

At Black Hat 2025, ThreatLocker will demonstrate their defense-in-depth strategy through their Detect product line. While their primary zero trust controls rarely fail, Detect provides crucial monitoring for applications that must run in enterprise environments but may have elevated risk profiles. The system can automatically orchestrate responses to threats, such as locking down browsers exhibiting irregular behavior that might indicate data exfiltration attempts.

Visitors to booth 1933 can expect hands-on demonstrations and on-demand hacking scenarios that showcase real-world applications of ThreatLocker's technology. The company is preparing major announcements that CEO Danny Houlihan will reveal during the event, promising game-changing developments for both the organization and its client base.

ThreatLocker's Black Hat agenda includes a welcome reception on Tuesday, August 5th, from 7-10 PM at the Mandalay Bay Complex, and Houlihan's presentation on "Simplifying Cybersecurity" on Thursday, August 7th, from 10:15-11:05 AM at Mandalay Bay J.

The convergence of practical zero trust implementation, cutting-edge threat detection, and automated response capabilities positions ThreatLocker as a key player in the evolving cybersecurity landscape, making their Black Hat presence essential viewing for security professionals seeking comprehensive protection strategies.

Keywords: Black Hat 2025, zero trust security, cybersecurity conference, ThreatLocker, default deny strategy, endpoint protection, application control, threat detection, enterprise security, network security, cybersecurity solutions, security automation, malware prevention, cyber threats, information security, security platform, Black Hat USA, cybersecurity innovation, managed detection response, security operations

Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974

Note: This story contains promotional content.

Guests:
John Lilliston, Cybersecurity Director | Threat Detection & Response | SOC Leadership | DFIR | EDR/XDR Strategy | GCFA, GISP | https://www.linkedin.com/in/john-lilliston-4725217b/

Hosts:
Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.com
Marco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com

Resources
Learn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlocker
ThreatLocker® Welcome Reception | Don't gamble with your security! Join us at Black Hat for a lively Welcome Reception hosted by ThreatLocker®. Meet our Cyber Hero® Team and dive into discussions on the latest advancements in ThreatLocker® Endpoint Security. It's a great opportunity to connect and learn together! Time: 7PM - 10PM | Location: Mandalay Bay Complex
Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs
Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/
Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

AWS for Software Companies Podcast
Ep123: Signal from the Noise - How SecurityScorecard leverages AI to Power Global Threat Detection

AWS for Software Companies Podcast

Play Episode Listen Later Jul 25, 2025 17:22


Mark Stevens, SVP, Channels and Alliances, discusses how SecurityScorecard's strategic partnership with AWS enables them to scale their security solutions through cloud infrastructure, marketplace integration, and co-sell programs.

Topics Include:
• SecurityScorecard founded 10 years ago to understand third-party vendor security posture
• Company has grown to 3,000 enterprise customers and 200+ partners globally
• Evolved from ratings to "supply chain detection and response" over last year
• Supply chain threats have doubled, creating extended attack surfaces for companies
• Many organizations don't know their vendor count or vulnerabilities within supply chains
• SecurityScorecard provides visibility into attack surfaces and management tools for control
• Generative AI is central to their ecosystem, leveraging AWS Bedrock extensively
• They scan the entire internet every two days at massive scale
• Have scored 12 million companies with security scorecards to date
• All workloads run on AWS cloud infrastructure as their primary platform
• AWS partnership provides necessary scale for managing hundreds of thousands of vendors
• Case study: Identified vendor misconfigurations that could shut down 1,000 locations
• Own massive 10-year data lake with tens of millions of companies
• New managed service combines AI automation with human analysts for support
• Large organizations cannot fully automate supply chain security management yet
• Quality threat intelligence data now valuable to SOC teams, not just risk
• Third-party risk management and SOC teams are slowly converging for better security
• AWS marketplace integration provides frictionless customer experience and larger deals
• Co-sell programs with AWS enterprise sales teams create effective flywheel motion
• Future expansion includes identity management, response actions, and internal signal management

Participants:
• Mark Stevens – SVP, Channels and Alliances, SecurityScorecard

Further Links:
• SecurityScorecard.io
• SecurityScorecard AWS Marketplace

See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Cloud Security Podcast by Google
EP231 Beyond the Buzzword: Practical Detection as Code in the Enterprise

Cloud Security Podcast by Google

Play Episode Listen Later Jun 23, 2025 30:40


Guest: David French, Staff Adoption Engineer, Google Cloud

Topics:
• Detection as code is one of those meme phrases I hear a lot, but I'm not sure everyone means the same thing when they say it. Could you tell us what you mean by it, and what upside it has for organizations in your model of it?
• What gets better for security teams and security outcomes when you start managing in a DAC world?
• What is primary, actual code or using SWE-style process for detection work?
• Not every SIEM has a good set of APIs for this, right? What's a team to do in a world of no or low API support for this model?
• If we're talking about as-code models, one of the important parts of regular software development is testing. How should teams think about testing their detection corpus? Where do we even start? Smoke tests? Unit tests?
• You talk about a rule schema–you might also think of it in code terms as a standard interface on the detection objects–how should organizations think about standardizing this, and why should they?
• If we're into a world of detection rules as code and detections as code, can we also think about alert handling via code? This is like SOAR but with more of a software engineering approach, right?
• One more thing that stood out to me in your presentation was the call for sharing detection content. Is this between vendors, vendors and end users?

Resources:
• Can We Have “Detection as Code”?
• Testing in Detection Engineering (Part 8)
• “So Good They Can't Ignore You: Why Skills Trump Passion in the Quest for Work You Love” book
• EP202 Beyond Tiered SOCs: Detection as Code and the Rise of Response Engineering
• EP181 Detection Engineering Deep Dive: From Career Paths to Scaling SOC Teams
• EP123 The Good, the Bad, and the Epic of Threat Detection at Scale with Panther
• Getting Started with Detection-as-Code and Google SecOps
• Detection Engineering Demystified: Building Custom Detections for GitHub Enterprise
• From soup to nuts: Building a Detection-as-Code pipeline
• David French - Medium Blog
• Detection Engineering Maturity Matrix

Cloud Security Podcast by Google
EP228 SIEM in 2025: Still Hard? Reimagining Detection at Cloud Scale and with More Pipelines

Cloud Security Podcast by Google

Play Episode Listen Later Jun 2, 2025 27:09


Guest: Alan Braithwaite, Co-founder and CTO @ RunReveal

Topics:
• SIEM is hard, and many vendors have discovered this over the years. You need to get storage, security and integration complexity just right. You also need to be better than incumbents. How would you approach this now?
• Decoupled SIEM vs SIEM/EDR/XDR combo. These point in the opposite directions, which side do you think will win?
• In a world where data volumes are exploding, especially in cloud environments, you're building a SIEM with ClickHouse as its backend, focusing on both parsed and raw logs. What's the core advantage of this approach, and how does it address the limitations of traditional SIEMs in handling scale?
• Cribl, Bindplane and “security pipeline vendors” are all the rage. Won't it be logical to just include this into a modern SIEM?
• You're envisioning a 'Pipeline QL' that compiles to SQL, enabling 'detection in SQL.' This sounds like a significant shift, and perhaps not to the better? (Anton is horrified, for once) How does this approach affect detection engineering?
• With Sigma HQ support out-of-the-box, and the ability to convert SPL to Sigma, you're clearly aiming for interoperability. How crucial is this approach in your vision, and how do you see it benefiting the security community?
• What is SIEM in 2025 and beyond? What's the endgame for security telemetry data? Is this truly SIEM 3.0, 4.0 or whatever-oh?

Resources:
• EP197 SIEM (Decoupled or Not), and Security Data Lakes: A Google SecOps Perspective
• EP123 The Good, the Bad, and the Epic of Threat Detection at Scale with Panther
• EP190 Unraveling the Security Data Fabric: Need, Benefits, and Futures
• “20 Years of SIEM: Celebrating My Dubious Anniversary” blog
• “RSA 2025: AI's Promise vs. Security's Past — A Reality Check” blog
• tl;dr security newsletter
• Introducing a RunReveal Model Context Protocol Server!
• MCP: Building Your SecOps AI Ecosystem
• AI Runbooks for Google SecOps: Security Operations with Model Context Protocol

Cloud Security Podcast
Securing AI: Threat Modeling & Detection

Cloud Security Podcast

Play Episode Listen Later May 27, 2025 37:32


Is Artificial Intelligence the ultimate security dragon we need to slay, or a powerful ally we must train? Recorded LIVE at BSidesSF, this special episode dives headfirst into the most pressing debates around AI security.

Join host Ashish Rajan as he navigates the complex landscape of AI threats and opportunities with two leading experts:
• Jackie Bow (Anthropic): Championing the "How to Train Your Dragon" approach, Jackie reveals how we can leverage AI, and even its 'hallucinations,' for advanced threat detection, response, and creative security solutions.
• Kane Narraway (Canva): Taking the "Knight/Wizard" stance, Kane illuminates the critical challenges in securing AI systems, understanding the new layers of risk, and the complexities of AI threat modeling.

The Tech Blog Writer Podcast
3274: Inside Abnormal AI's Approach to Threat Detection

The Tech Blog Writer Podcast

Play Episode Listen Later May 11, 2025 26:49


In today's episode of Tech Talks Daily, I reconnect with Abnormal AI's CIO, Mike Britton, to explore one of the most pressing topics in the tech world—AI regulation and cybersecurity.  Speaking from his base near Dallas, Mike brings a pragmatic perspective shaped by decades of experience at the intersection of enterprise technology and security. As the debate around artificial intelligence evolves, we examine the growing divide between the United States and Europe on regulatory approaches and what business leaders can learn from each side. While Europe takes a more cohesive, application-based approach, the US remains fragmented, relying on state-by-state policies and sector-specific laws. Mike unpacks why this patchwork complicates global alignment and what an effective risk-based, standardized framework might look like. He argues that regulation must focus on how AI is applied, not just its scale, especially as the technology becomes embedded in everything from healthcare to email automation. We also touch on the unintended consequences of overregulation, including the risk of pushing innovation into regions with fewer safeguards. As Abnormal Security works with some of the world's largest brands, Mike offers a frontline view into how threat actors are already leveraging AI to outpace traditional defenses. His insights reinforce the need for transparency, human oversight, and "kill switches" to ensure AI remains a tool for good, not a liability. From real-world examples to strategic recommendations, Mike outlines what CIOs and CISOs need to know now. His advice is clear, grounded, and actionable, whether embracing regulatory sandboxes, staying alert to geopolitical nuances in AI models, or maintaining continuous learning in a fast-moving space. So, how do we keep innovation ethical and secure in a world where AI is moving faster than ever? And what steps should technology leaders take to avoid falling behind or losing control of the tools meant to drive progress?

ITSPmagazine | Technology. Cybersecurity. Society
Simplifying Cybersecurity Operations at Scale: Automation with a Human Touch | A Brand Story with Subo Guha from Stellar Cyber | An On Location RSAC Conference 2025 Brand Story

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later May 7, 2025 19:38


In this episode, Subo Guha, Vice President of Product Management at Stellar Cyber, shares how the company is reshaping cybersecurity operations for managed service providers (MSPs) and their customers. Stellar Cyber's mission is to simplify security without compromising depth—making advanced cybersecurity capabilities accessible to organizations without enterprise-level resources.

Subo walks through the foundations of their open XDR platform, which allows customers to retain the endpoint and network tools they already use—such as CrowdStrike or SentinelOne—without being locked into a single ecosystem. This flexibility proves especially valuable to MSSPs managing dozens or hundreds of customers with diverse toolsets, including those that have grown through acquisitions. The platform's modular sensor technology supports IT, OT, and hybrid environments, offering deep packet inspection, network detection, and even user behavior analytics to flag potential lateral movement or anomalous activity.

One of the most compelling updates from the conversation is the introduction of their autonomous SOC capability. Subo emphasizes this is not about replacing humans but amplifying their efforts. The platform groups alerts into actionable cases, reducing noise and allowing analysts to respond faster. Built-in machine learning and threat intelligence feeds enrich data as it enters the system, helping determine if something is benign or a real threat.

The episode also highlights new program launches like Infinity, which enhances business development and peer collaboration for MSSP partners, and their Cybersecurity Alliance, which deepens integration across a wide variety of security tools. These efforts reflect Stellar Cyber's strong commitment to ecosystem support and customer-centric growth.

Subo closes by reinforcing the importance of scalability and affordability. Stellar Cyber offers a single platform with unified licensing to help MSSPs grow without adding complexity or cost. It's a clear statement: powerful security doesn't need to be out of reach for smaller teams or companies.

This episode offers a practical view into what it takes to operationalize cybersecurity across diverse environments—and why automation with human collaboration is the path forward.

Learn more about Stellar Cyber: https://itspm.ag/stellar-cyber--inc--357947

Note: This story contains promotional content.

Guest: Subo Guha, Senior Vice President Product, Stellar Cyber | https://www.linkedin.com/in/suboguha/

Resources
Learn more and catch more stories from Stellar Cyber: https://www.itspmagazine.com/directory/stellarcyber
Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25

Keywords: sean martin, subo guha, xdr, mssp, cybersecurity, automation, soc, ai, ot, threat detection, brand story, brand marketing, marketing podcast, brand story podcast

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage