Podcasts about threat detection

Adam helps a client to calm down their hyper vigilance using a metaphor of laying down the armour and recalibrating their threat detection system. This is a useful session if you always feel like you're on high alert.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Everyone seems to have an opinion on AI. Today, we interviewed Levi Gundert, the Chief Security and Intelligence Officer for Recorded Future. He thinks that AI gives federal leaders an opportunity to fight back. For example, one aspect of cybersecurity is velocity; the number of attacks has expanded exponentially. Gundert thinks this is an opportunity to match this attack's velocity. Many will balk at this opinion. They will describe federal data as challenged in cross-domain sharing, data labeling, and data trapped in PDFs or legacy systems. During the interview, in a refreshing observation, Gundert observes that defenders have always been on the back foot. Always in defense. Finally, AI can give tools that level the playing field. One application of AI is the ingestion of the data provided to federal systems. AI can be used to provide actionable intelligence. In some systems, this deluge can result in false alerts. When used properly, AI can filter through the signal and identify what is critical. Gundert emphasizes the need for automation and decision advantages in threat intelligence, the challenges of data fragmentation and legacy systems, and the urgency of upgrading systems to address vulnerabilities. They also touch on the role of AI in insider threats, the potential of Mythos to increase vulnerabilities, and the importance of sharing threat information to enhance cybersecurity.

The future of SOC operations is AI-driven, automated, and faster than ever before. In this deep-dive masterclass, InfosecTrain explores how Artificial Intelligence is moving from a buzzword to a fundamental engine for modern Security Operations Centers. We break down the shift from manual alert fatigue to intelligent threat detection, automated triage, and the predictive analytics that are defining the 2026 security landscape.The "course titled" Advanced AI SOC Analyst Certification Training is designed to bridge the gap between traditional security monitoring and the next generation of autonomous defense. We provide a high-level briefing on how to integrate AI into your SIEM and EDR workflows, ensuring that analysts can focus on high-impact hunting while AI handles the noise of real-time security operations.

Fagan Afandiyev — Elite Cybersecurity Competitor and Legendary Whitehatter No Password Required: Breakout Room: Episode 1 — Fagan Afandiyev Fagan Afandiyev is a cybersecurity student at the University of South Florida and a member of the CyberHerd competition team, known for his strategic mindset and passion for solving complex challenges. From competing in international robotics competitions to discovering cybersecurity through hands-on platforms, Fagan has built his skills through curiosity, persistence, and a love for problem solving. Fagan shares how competitions, community, and continuous learning shaped his journey into cybersecurity. He walks through his growth within USF's cyber community, and how that led to a penetration testing internship at Microsoft. He also offers insight into the mindset needed to succeed in cybersecurity, encouraging others to embrace challenges, learn through failure, and find enjoyment in the process. Follow Fagan on Linked in here: https://www.linkedin.com/in/fagan-afandi/ Presented by ThreatLocker Chapters:  00:00 Introduction to Cybersecurity Passion 3:02   Journey to Cyber Herd and University Life 06:12 Internship at Microsoft and Career Aspirations 08:59 Hackathon Experience and Community Engagement 12:39 Behind the Scenes of Cyber Competitions 14:30  Overcoming Challenges in Cyber Competitions 18:00 Gratitude and Mentorship in Cybersecurity  

A secretive AI called Mythos is already finding zero-day exploits that humans missed for decades, but Anthropic claims it is too risky for public release. Hear what leading security experts think could happen if this technology escapes the lab. Claude Mythos Preview System Card - Claude Mythos Preview System Card.pdf Sam Altman May Control Our Future—Can He Be Trusted? Meta Employees Vie for AI 'Token Legend' Status Meta releases new model for Social Media "Muse Spark" Why OpenAI's Purchase of a Big Tech Podcast Is So Sleazy How Accurate Are Google's A.I. Overviews? Testing suggests Google's AI Overviews tell millions of lies per hour Google's AI Overviews are correct nine out of ten times, study finds How A.I. Helped One Man (and His Brother) Build a $1.8 Billion Company The back story behind the first "$1.8 Billion" dollar "AI Company" It's Called Silicon Sampling, and It's Going to Ruin Public Opinion Polling Cloudflare builds what it calls the successor to WordPress JuliusBrussee/caveman:

A secretive AI called Mythos is already finding zero-day exploits that humans missed for decades, but Anthropic claims it is too risky for public release. Hear what leading security experts think could happen if this technology escapes the lab. Claude Mythos Preview System Card - Claude Mythos Preview System Card.pdf Sam Altman May Control Our Future—Can He Be Trusted? Meta Employees Vie for AI 'Token Legend' Status Meta releases new model for Social Media "Muse Spark" Why OpenAI's Purchase of a Big Tech Podcast Is So Sleazy How Accurate Are Google's A.I. Overviews? Testing suggests Google's AI Overviews tell millions of lies per hour Google's AI Overviews are correct nine out of ten times, study finds How A.I. Helped One Man (and His Brother) Build a $1.8 Billion Company The back story behind the first "$1.8 Billion" dollar "AI Company" It's Called Silicon Sampling, and It's Going to Ruin Public Opinion Polling Cloudflare builds what it calls the successor to WordPress JuliusBrussee/caveman:

A secretive AI called Mythos is already finding zero-day exploits that humans missed for decades, but Anthropic claims it is too risky for public release. Hear what leading security experts think could happen if this technology escapes the lab. Claude Mythos Preview System Card - Claude Mythos Preview System Card.pdf Sam Altman May Control Our Future—Can He Be Trusted? Meta Employees Vie for AI 'Token Legend' Status Meta releases new model for Social Media "Muse Spark" Why OpenAI's Purchase of a Big Tech Podcast Is So Sleazy How Accurate Are Google's A.I. Overviews? Testing suggests Google's AI Overviews tell millions of lies per hour Google's AI Overviews are correct nine out of ten times, study finds How A.I. Helped One Man (and His Brother) Build a $1.8 Billion Company The back story behind the first "$1.8 Billion" dollar "AI Company" It's Called Silicon Sampling, and It's Going to Ruin Public Opinion Polling Cloudflare builds what it calls the successor to WordPress JuliusBrussee/caveman:

When a production line stops, the financial damage is immediate — and the window to respond safely is narrower than most security teams realize. Rob Demain, CEO and Founder of e2e-assure, joins this Brand Highlight to explain why OT security demands a fundamentally different mindset than IT, and what organizations can do about it. Operational technology runs the infrastructure that keeps the world moving — manufacturing floors, power grids, air traffic control systems. Rob Demain founded e2e-assure in 2013 and has spent the past seven years narrowing its focus to one discipline: SOC and MDR services. He calls it "specificity" — the principle that doing one thing with precision delivers better outcomes than spreading resources thin. In IT security, the primary concern is data. In OT, the stakes are entirely different. Downtime is the real threat. For a manufacturing business, minutes of halted production translate directly into significant financial loss. That distinction changes everything about how security teams must respond. The "safety first" rule in OT means responders sometimes have to run alongside a threat rather than immediately neutralize it — because disconnecting systems could halt the production line entirely. The most common attack path into OT environments runs through IT: adversaries compromise IT first, then move laterally into OT systems. Supply chain risk is the second major vector. Firmware updates, software patches, and third-party management systems all represent potential entry points. Detection takes longer too — OT systems often lack the endpoint tools that trigger fast alerts, leaving threats to surface as subtle pattern deviations over extended periods. This is a Brand Highlight — a short introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Rob Demain, CEO & Founder, e2e-assure LinkedIn: https://uk.linkedin.com/in/rob-demain-01733468 RESOURCES e2e-assure website: https://e2e-assure.com OT Downtime and Remediation Gaps Research: https://e2e-assure.com Are you interested in telling your story? Full Length Brand Story: https://www.studioc60.com/content-creation#full Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight Brand Highlight Story: https://www.studioc60.com/content-creation#highlight   Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

A secretive AI called Mythos is already finding zero-day exploits that humans missed for decades, but Anthropic claims it is too risky for public release. Hear what leading security experts think could happen if this technology escapes the lab. Claude Mythos Preview System Card - Claude Mythos Preview System Card.pdf Sam Altman May Control Our Future—Can He Be Trusted? Meta Employees Vie for AI 'Token Legend' Status Meta releases new model for Social Media "Muse Spark" Why OpenAI's Purchase of a Big Tech Podcast Is So Sleazy How Accurate Are Google's A.I. Overviews? Testing suggests Google's AI Overviews tell millions of lies per hour Google's AI Overviews are correct nine out of ten times, study finds How A.I. Helped One Man (and His Brother) Build a $1.8 Billion Company The back story behind the first "$1.8 Billion" dollar "AI Company" It's Called Silicon Sampling, and It's Going to Ruin Public Opinion Polling Cloudflare builds what it calls the successor to WordPress JuliusBrussee/caveman:

A secretive AI called Mythos is already finding zero-day exploits that humans missed for decades, but Anthropic claims it is too risky for public release. Hear what leading security experts think could happen if this technology escapes the lab. Claude Mythos Preview System Card - Claude Mythos Preview System Card.pdf Sam Altman May Control Our Future—Can He Be Trusted? Meta Employees Vie for AI 'Token Legend' Status Meta releases new model for Social Media "Muse Spark" Why OpenAI's Purchase of a Big Tech Podcast Is So Sleazy How Accurate Are Google's A.I. Overviews? Testing suggests Google's AI Overviews tell millions of lies per hour Google's AI Overviews are correct nine out of ten times, study finds How A.I. Helped One Man (and His Brother) Build a $1.8 Billion Company The back story behind the first "$1.8 Billion" dollar "AI Company" It's Called Silicon Sampling, and It's Going to Ruin Public Opinion Polling Cloudflare builds what it calls the successor to WordPress JuliusBrussee/caveman:

A secretive AI called Mythos is already finding zero-day exploits that humans missed for decades, but Anthropic claims it is too risky for public release. Hear what leading security experts think could happen if this technology escapes the lab. Claude Mythos Preview System Card - Claude Mythos Preview System Card.pdf Sam Altman May Control Our Future—Can He Be Trusted? Meta Employees Vie for AI 'Token Legend' Status Meta releases new model for Social Media "Muse Spark" Why OpenAI's Purchase of a Big Tech Podcast Is So Sleazy How Accurate Are Google's A.I. Overviews? Testing suggests Google's AI Overviews tell millions of lies per hour Google's AI Overviews are correct nine out of ten times, study finds How A.I. Helped One Man (and His Brother) Build a $1.8 Billion Company The back story behind the first "$1.8 Billion" dollar "AI Company" It's Called Silicon Sampling, and It's Going to Ruin Public Opinion Polling Cloudflare builds what it calls the successor to WordPress JuliusBrussee/caveman:

Vijit Nair, VP of Product Management at Corelight, joins Sean Martin on the floor of RSAC Conference 2026 for a conversation about what it takes to move security operations from AI-assisted to AI-autonomous. Corelight is the fastest-growing company in the network detection and response (NDR) space, and Nair has spent six years helping build the platform from early network monitoring to its current position as a Gartner Magic Quadrant Leader. The company's open NDR platform transforms raw network traffic into high-fidelity, unopinionated evidence -- and that evidence is now powering the next leap: agentic triage. Corelight's newly launched Agentic Triage product moves beyond the "level one" AI assistant model -- where a system answers questions but takes no action -- to a "level two" agent that actually investigates and triages alerts. It identifies the riskiest entities in an environment, collects all associated context and data, runs a full investigation cycle, and delivers a verdict with full evidence attached. Nair calls it "bringing the receipts": analysts see not just the conclusion but every step of the reasoning. Early results show a 10x increase in investigation speed and 60-70% of alerts being automatically triaged. The network is having a resurgence as an essential visibility layer, and Nair explains why: attackers have adapted to EDR. Nation-state-style campaigns like Volt Typhoon and Salt Typhoon operate in the network layer, targeting unmanaged devices, routers, firewalls, and VPNs that endpoint tools cannot see. Corelight almost always finds something in the first 30 days of a pilot deployment -- from shadow IT and shadow VPNs to active red team attacks using tools like Sliver-based C2 frameworks. On the question of SOC adoption, Nair pushes back on the assumption that hesitation comes from the top. The hunger for AI-powered tools runs from CISOs all the way down to the analysts dealing with alert overload and understaffed teams. A recent customer put it simply: "This is amazing. Please don't take it away from me." Nair frames the path to full autonomy as a spectrum -- from human-controlled to fully agentic -- and draws the comparison to Waymo: the journey is measured and incremental, but the destination is inevitable. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Vijit Nair, VP of Product Management, Corelighthttps://www.linkedin.com/in/vijitn RESOURCES Corelight: https://corelight.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Vijit Nair, Corelight, Sean Martin, network detection and response, NDR, agentic triage, AI SOC, autonomous security operations, SOC automation, network security monitoring, threat detection, AI-powered security, RSAC Conference 2026, brand spotlight, brand story, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Tony Anscombe has attended RSA Conference since 1998 -- back when it was held at the Fairmont Hotel. That long view informs everything about how ESET approaches threat intelligence. It is not about volume. It is about accuracy, speed, and putting the right signal in front of the right team at the right moment. The ESET eCrime Ecosystem Report comes in two forms: a business-facing summary outlining current risks for leadership, and a long-form technical report for analysts -- complete with IOCs, coding examples, and structured intelligence feeds covering ransomware, crypto scams, malicious email attachments, and infostealer data. These feeds are built to plug directly into SOC workflows and firewall rules, not to create more work for already stretched teams. Tony Anscombe is direct about the quality problem in threat intelligence. Open-source feeds sound appealing -- until you factor in the analyst hours required to clean out the noise. By then, the intelligence is stale. Attacks circle the globe in hours. Near-real-time, verified intelligence is not a premium -- it is the baseline requirement. The threat detection conversation has also moved well past malware. Anscombe walks through how modern attackers often skip the payload entirely -- credential theft gets them in, then slow lateral movement and data exfiltration follow, with ransomware as the final act rather than the first signal. ESET's platform focuses on behavioral anomaly detection across the full environment, with on-site, cloud, and managed deployment options for organizations that cannot or will not go all-in on cloud architecture. At RSAC Conference 2026, ESET will be at booth 5253 in Moscone North. Anscombe has two sessions on the Wednesday agenda: one on supply chain blind spots -- urging security teams to engage directly with the business side to map third-party risk fully -- and a community rant session tackling four things that need to change in cybersecurity, including the cryptocurrency regulation debate. On AI, his message is measured: the real conversation at the show is not about using AI -- it is about securing it. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Tony Anscombe, Chief Security Evangelist, ESET LinkedIn: https://www.linkedin.com/in/tonyanscombe/ RESOURCES ESET website: https://www.eset.com ESET threat research blog (WeLiveSecurity): https://www.welivesecurity.com ESET at RSAC Conference 2026 -- Booth 5253, Moscone North Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Tony Anscombe, ESET, Sean Martin, RSAC Conference 2026, eCrime, threat intelligence, eCrime Ecosystem Report, cybersecurity, endpoint protection, MDR, threat detection, supply chain security, AI security, ransomware, infostealer, brand spotlight, brand marketing, marketing podcast, brand story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Federal agencies and businesses face growing exposure to wireless threats as modern devices introduce new cybersecurity attack vectors that traditional security tools cannot detect or control. To mitigate consumer and enterprise risks associated with IoT devices in no-phone zones, Bastille Networks' wireless intrusion detection system identifies and quarantines unauthorized emitters and behavioral abnormalities before data breaches can occur. Explore real-world examples of how Bastille's IoT security solution proactively defends mission-critical environments from covert emissions, unapproved device behavior and Wi-Fi deauthentication attacks.

Madhav Nakar — AI Security Researcher and Documentarian of Spirituality and Play   No Password Required Season 7: Episode 3 - Madhav Nakar   Madhav Nakar is a Security Researcher at BeyondTrust specializing in identity threats, endpoint security, and cloud attack paths. With a background in theoretical mathematics, his current research focuses on analyzing attacker behavior to build practical systems of detection.   In this episode, Madhav shares the pivotal moments that shaped his career, including his first experience witnessing a nation-state attack unfold in real time from his seat in a SOC. He explains how mathematical thinking sharpens security strategy and why strong research is rooted in exploration, not predetermined outcomes.   Jack Clabby of Carlton Fields, joined by co-host Kayley Melton of the Cognitive Security Institute, welcomes Madhav for a conversation on modern cyber defense. From AI-driven attacks and agentic systems to privilege escalation risks in role-based access environments, Madhav breaks down what teams are getting wrong about AI and why defending against AI increasingly requires AI-powered tools.   The conversation turns to Madhav's philosophy of “serious play,” where curiosity, experimentation, and failure fuel better research and resilience. He also shares insights from his spiritual and philosophy project, The Fire of Knowing, exploring consciousness and belief through a neutral lens.   In the Lifestyle Polygraph, Madhav pitches a cybersecurity documentary, debates growth versus comfort, and reflects public dancing experiments.  Follow Madhav Nakar here: https://www.linkedin.com/in/madhav-nakar/ Follow "The Fire of Knowing" on Instagram and Youtube!  CHAPTERS:  00:00 Introduction with Kayley and Jack 08:08 Transition from Theoretical Math to Cybersecurity 16:13 Exploring Spiritual Traditions and Madhav's Documentary 19:48 The Intersection of Art and Science in Content Creation 25:20 The Lifestyle Polygraph: Challenging Perspectives on Security

email chris@drchrisloomdphd.com with "Podcast freebie" to book a coveted FREE guest spot on the show. To book a PREMIUM spot on the Podcast: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.drchrisloomdphd.com/_paylink/AZpgR_7f⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Book a 1-on-1 coaching call: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.drchrisloomdphd.com/booking-calendar/introductory-session⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Subscribe to our email list: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://financial-freedom-podcast-with-dr-loo.kit.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠Disclaimer: Not advice. Educational purposes only. Not an endorsement for or against. Results not vetted. Views of the guests do not represent those of the host or show.  

⬥EPISODE NOTES⬥ The security operations center has always been a battleground of volume, velocity, and human endurance. Analysts have long faced the impossible math of too many alerts, too few hours, and too much at stake. For years, the industry promised automation would change that equation -- but the technology was never quite ready to deliver. That moment, according to Richard Stiennon, has now arrived. Stiennon, Chief Research Analyst at IT-Harvest, has spent two decades tracking every corner of the cybersecurity vendor landscape. His data now shows more than 61 net-new SOC automation vendors -- companies that did not exist a few years ago -- built from the ground up to replace the work of tier-one, tier-two, and tier-three analysts. Some of these vendors launched in January 2024 and reached $1 million in ARR by April. By the end of 2025, several were reporting $3 million ARR. These are not incremental improvements. They represent a structural shift in how security operations can be run. What makes this generation of SOC automation different from earlier SIEM and SOAR tooling is scope and autonomy. The value proposition is blunt: 100% alert triage, 24 hours a day, 7 days a week -- with automated case building, threat investigation, and response actions including machine isolation and reimaging. Stiennon points to a CISO he met, speaking under Chatham House rules, who disclosed that a large enterprise had already eliminated its entire human SOC team. He predicts that disclosure will go public before long. The conversation also explores the business context question that security leaders frequently wrestle with: are these AI-driven SOC tools operating with a narrow cyber mandate, potentially optimizing for security metrics at the expense of business continuity? Stiennon pushes back on that concern, arguing that large language models are already trained on the full breadth of human knowledge -- they understand business context at a level that exceeds most organizations' internal documentation. The more pressing risk, he suggests, is not that AI will act outside business intent, but that organizations will move too slowly to benefit. Waiting six months for a proof-of-concept report while spending a million dollars on human SOC operations is not due diligence -- it is opportunity cost. The conversation also touches on data privacy in AI-driven security, the role of federated learning and fully homomorphic encryption for compliance-sensitive environments, and what security leaders can do today to evaluate and accelerate their own adoption timeline. Stiennon will be at RSA Conference 2026 with his new book, Guardians of the Machine Age: Why AI Security Will Define Digital Defense, continuing to make the case for a field that is moving faster than most organizations are prepared to acknowledge. ⬥GUEST⬥ Richard Stiennon, Chief Research Analyst at IT-Harvest | Website: https://it-harvest.com/ On LinkedIn: https://www.linkedin.com/in/stiennon/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ ⬥RESOURCES⬥ IT-Harvest | https://it-harvest.com/ Richard Stiennon on LinkedIn | https://www.linkedin.com/in/stiennon/ Guardians of the Machine Age: Why AI Security Will Define Digital Defense (Richard Stiennon) | Available via IT-Harvest and major booksellers RSAC Conference 2026 Coverage on ITSPmagazine | https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq ⬥ADDITIONAL INFORMATION⬥ On Podcast: https://www.seanmartin.com/redefining-cybersecurity-podcast On YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq Newsletter: https://itspm.ag/future-of-cybersecurity Contact Sean: https://www.seanmartin.com/ ⬥KEYWORDS⬥ richard stiennon, it-harvest, sean martin, soc automation, ai security, security operations center, threat detection, autonomous response, alert triage, security operations, cybersecurity vendors, ai agents, large language models, federated learning, siem, soar, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥EPISODE NOTES⬥ The security operations center has always been a battleground of volume, velocity, and human endurance. Analysts have long faced the impossible math of too many alerts, too few hours, and too much at stake. For years, the industry promised automation would change that equation -- but the technology was never quite ready to deliver. That moment, according to Richard Stiennon, has now arrived. Stiennon, Chief Research Analyst at IT-Harvest, has spent two decades tracking every corner of the cybersecurity vendor landscape. His data now shows more than 61 net-new SOC automation vendors -- companies that did not exist a few years ago -- built from the ground up to replace the work of tier-one, tier-two, and tier-three analysts. Some of these vendors launched in January 2024 and reached $1 million in ARR by April. By the end of 2025, several were reporting $3 million ARR. These are not incremental improvements. They represent a structural shift in how security operations can be run. What makes this generation of SOC automation different from earlier SIEM and SOAR tooling is scope and autonomy. The value proposition is blunt: 100% alert triage, 24 hours a day, 7 days a week -- with automated case building, threat investigation, and response actions including machine isolation and reimaging. Stiennon points to a CISO he met, speaking under Chatham House rules, who disclosed that a large enterprise had already eliminated its entire human SOC team. He predicts that disclosure will go public before long. The conversation also explores the business context question that security leaders frequently wrestle with: are these AI-driven SOC tools operating with a narrow cyber mandate, potentially optimizing for security metrics at the expense of business continuity? Stiennon pushes back on that concern, arguing that large language models are already trained on the full breadth of human knowledge -- they understand business context at a level that exceeds most organizations' internal documentation. The more pressing risk, he suggests, is not that AI will act outside business intent, but that organizations will move too slowly to benefit. Waiting six months for a proof-of-concept report while spending a million dollars on human SOC operations is not due diligence -- it is opportunity cost. The conversation also touches on data privacy in AI-driven security, the role of federated learning and fully homomorphic encryption for compliance-sensitive environments, and what security leaders can do today to evaluate and accelerate their own adoption timeline. Stiennon will be at RSA Conference 2026 with his new book, Guardians of the Machine Age: Why AI Security Will Define Digital Defense, continuing to make the case for a field that is moving faster than most organizations are prepared to acknowledge. ⬥GUEST⬥ Richard Stiennon, Chief Research Analyst at IT-Harvest | Website: https://it-harvest.com/ On LinkedIn: https://www.linkedin.com/in/stiennon/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ ⬥RESOURCES⬥ IT-Harvest | https://it-harvest.com/ Richard Stiennon on LinkedIn | https://www.linkedin.com/in/stiennon/ Guardians of the Machine Age: Why AI Security Will Define Digital Defense (Richard Stiennon) | Available via IT-Harvest and major booksellers RSAC Conference 2026 Coverage on ITSPmagazine | https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq ⬥ADDITIONAL INFORMATION⬥ On Podcast: https://www.seanmartin.com/redefining-cybersecurity-podcast On YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq Newsletter: https://itspm.ag/future-of-cybersecurity Contact Sean: https://www.seanmartin.com/ ⬥KEYWORDS⬥ richard stiennon, it-harvest, sean martin, soc automation, ai security, security operations center, threat detection, autonomous response, alert triage, security operations, cybersecurity vendors, ai agents, large language models, federated learning, siem, soar, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

If your business was hacked today, would you know? Most companies discover cyber breaches 7 months after attackers infiltrate their networks. That's 207 days of undetected network intrusion, data theft, and security compromise.In this cybersecurity information episode, Darnley's reveals why silent data breaches happen, personal experience, how hackers remain undetected in business networks, and what signs indicate your company may already be compromised.Learn about:Average breach detection time and why dwell time matters for business securityHow cybercriminals use stealth tactics to evade network security toolsReal-world data breach examples: Target, Equifax, and Marriott hotel breach casesWarning signs of network compromise most IT security teams missThreat detection strategies to identify cyber attacks before massive data lossIncident response planning and cybersecurity monitoring best practicesDiscover how to detect network intrusions faster, reduce breach dwell time, and protect your business from silent cyber attacks. Whether you're a small business owner, IT professional, or security manager, this episode provides actionable cybersecurity advice.The silent breach is only silent if you're not listening. Learn how to protect your business network today.Click here to send future episode recommendationSupport the showSubscribe now to Darnley's Cyber Cafe and stay informed on the latest developments in the ever-evolving digital landscape.

Guest: Daniel Lyman, VP of Threat Detection and Response, Fiserv Topics: What is the right way for people to bridge the gap and translate executive dreams and board goals into the reality of life on the ground? How do we talk to people who think they have "transformed" their SOC simply by buying a better, shinier product (like a modern SIEM) while leaving their old processes intact? What are the specific challenges and advantages you've seen with a federated SOC versus a centralized one? What does a "federated" or "sub-SOC" model actually mean in practice? Why is the message that "EDR doesn't cover everything" so hard for some people to hear? Is this obsession with EDR a business decision or technology debt? How do you expect AI to change the calculus around data centralization versus data federation? What is your favorite example of telemetry that is useful, but usually excluded from a SIEM? What are the Detection and Response organizational metrics that you think are most valuable? Is the continued use of Excel an issue of tooling, laziness, or just because it is a fundamentally good way to interact with a small database? Resources: Video version "In My Time of Dying" book EP258 Why Your Security Strategy Needs an Immune System, Not a Fortress with Royal Hansen EP197 SIEM (Decoupled or Not), and Security Data Lakes: A Google SecOps Perspective The Gravity of Process: Why New Tech Never Fixes Broken Process and Can AI Change It? blog

What happens when the security community stops debating whether AI belongs in the SOC and starts figuring out how to make it work? Monzy Merza, Co-Founder and CEO of Crogl, is helping answer that question, both through the autonomous AI SOC agent his company builds and through the inaugural AI SOC Summit, a community event designed to bring practitioners together for honest, no-nonsense conversation about what is real and what is hype in AI-driven security operations.Crogl builds what Merza describes as a "superhero suit" for SOC analysts. The platform investigates every alert in depth, working across multiple data lakes without requiring data normalization, and escalates only the issues that require human judgment. But the conversation here goes beyond any single product. Merza explains that the motivation for creating the AI SOC Summit came directly from community feedback. Security teams across enterprises are trying to determine what to buy, what to build, and how to govern AI in their environments, and they need a transparent, practical space to share those experiences.How are threat actors changing the game with agentic AI? Merza points to two critical shifts. First, adversaries are now conducting campaigns using agentic systems, which means defenders need to operate at the same speed. Second, the barrier to entry for sophisticated attacks has dropped significantly because agentic systems handle much of the technical detail, from crafting convincing phishing emails to automating post-exploitation activity. The implication is clear: security teams that do not adopt AI-driven capabilities risk falling behind attackers who already have.The AI SOC Summit, hosted March 3rd at the Hyatt Regency in Tysons, Virginia, is structured to serve the practitioners who are doing the daily work of security operations. The morning features keynotes from CISOs sharing what is working and what is not, along with perspectives on AI governance and privacy. The afternoon splits into two tracks: talk sessions from startups and established companies, and a five-and-a-half-hour hackathon where attendees get free access to frontier AI models and tools to experiment hands-on with real security data.Who should attend the AI SOC Summit? Merza identifies four key personas. SOC analysts at every tier who are buried in alert triage. Security engineers deploying AI-driven and traditional tools who want to see how other enterprises are rationalizing their investments. Incident responders and threat hunters who need to understand how to track agentic activity rather than just human activity. And builders, the security teams prototyping and testing AI capabilities in-house, who want to learn from what others have tried, what has failed, and what constraints can be overcome.What sets this event apart from the typical conference experience? The AI SOC Summit is intentionally vendor-agnostic. Sponsors range from reseller partners serving government organizations to household names like Splunk and Cribl, but the focus stays on community learning rather than product pitches. Many organizations still restrict employee access to frontier models and agentic systems, and the summit provides a space where attendees can kick the tires on these technologies without worrying about tooling costs or corporate restrictions. The goal is for every participant to leave with something practical they can take back and apply to their work immediately.This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlightGUESTMonzy Merza, Co-Founder and CEO, Crogl [@monzymerza on X]https://www.linkedin.com/in/monzymerzaRESOURCESCrogl: https://www.crogl.comAI SOC Summit: https://www.aisocsummit.com/Are you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSMonzy Merza, Crogl, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, AI SOC Summit, AI SOC agent, security operations center, agentic AI, autonomous security, threat detection, SOC analyst, incident response, threat hunting, security engineering, AI governance, cybersecurity community, hackathon, frontier AI models, agentic speed, security automation Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

What happens when the security community stops debating whether AI belongs in the SOC and starts figuring out how to make it work? Monzy Merza, Co-Founder and CEO of Crogl, is helping answer that question, both through the autonomous AI SOC agent his company builds and through the inaugural AI SOC Summit, a community event designed to bring practitioners together for honest, no-nonsense conversation about what is real and what is hype in AI-driven security operations.Crogl builds what Merza describes as a "superhero suit" for SOC analysts. The platform investigates every alert in depth, working across multiple data lakes without requiring data normalization, and escalates only the issues that require human judgment. But the conversation here goes beyond any single product. Merza explains that the motivation for creating the AI SOC Summit came directly from community feedback. Security teams across enterprises are trying to determine what to buy, what to build, and how to govern AI in their environments, and they need a transparent, practical space to share those experiences.How are threat actors changing the game with agentic AI? Merza points to two critical shifts. First, adversaries are now conducting campaigns using agentic systems, which means defenders need to operate at the same speed. Second, the barrier to entry for sophisticated attacks has dropped significantly because agentic systems handle much of the technical detail, from crafting convincing phishing emails to automating post-exploitation activity. The implication is clear: security teams that do not adopt AI-driven capabilities risk falling behind attackers who already have.The AI SOC Summit, hosted March 3rd at the Hyatt Regency in Tysons, Virginia, is structured to serve the practitioners who are doing the daily work of security operations. The morning features keynotes from CISOs sharing what is working and what is not, along with perspectives on AI governance and privacy. The afternoon splits into two tracks: talk sessions from startups and established companies, and a five-and-a-half-hour hackathon where attendees get free access to frontier AI models and tools to experiment hands-on with real security data.Who should attend the AI SOC Summit? Merza identifies four key personas. SOC analysts at every tier who are buried in alert triage. Security engineers deploying AI-driven and traditional tools who want to see how other enterprises are rationalizing their investments. Incident responders and threat hunters who need to understand how to track agentic activity rather than just human activity. And builders, the security teams prototyping and testing AI capabilities in-house, who want to learn from what others have tried, what has failed, and what constraints can be overcome.What sets this event apart from the typical conference experience? The AI SOC Summit is intentionally vendor-agnostic. Sponsors range from reseller partners serving government organizations to household names like Splunk and Cribl, but the focus stays on community learning rather than product pitches. Many organizations still restrict employee access to frontier models and agentic systems, and the summit provides a space where attendees can kick the tires on these technologies without worrying about tooling costs or corporate restrictions. The goal is for every participant to leave with something practical they can take back and apply to their work immediately.This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlightGUESTMonzy Merza, Co-Founder and CEO, Crogl [@monzymerza on X]https://www.linkedin.com/in/monzymerzaRESOURCESCrogl: https://www.crogl.comAI SOC Summit: https://www.aisocsummit.com/Are you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSMonzy Merza, Crogl, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, AI SOC Summit, AI SOC agent, security operations center, agentic AI, autonomous security, threat detection, SOC analyst, incident response, threat hunting, security engineering, AI governance, cybersecurity community, hackathon, frontier AI models, agentic speed, security automation Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Discover how identity and access management (IAM) is reshaping cybersecurity in cloud ERP, enabling businesses to be safer, faster, and more compliant with clarity in roles and responsibilities.=====In this insightful episode of the Future of ERP podcast, Aditya Thakurdesai from Infosys dives deep into the vital topic of identity and access management (IAM) in cloud ERP environments. He explains why understanding "who owns what" in IAM is non-negotiable to ensure security, compliance, and operational efficiency amid today's complex hybrid IT infrastructures. Aditya shares compelling customer stories- rom a global pharmaceutical company safeguarding sensitive research data to a large retailer accelerating seasonal workforce onboarding - highlighting how the shared responsibility model brings clarity and confidence in managing cloud security. The discussion further explores how AI is revolutionizing IAM, with intelligent threat detection, adaptive access control, and proactive governance transforming traditional security roles. This episode is a must-listen for any business navigating cloud security risks and looking to leverage AI for smarter, faster, and safer ERP management. Tune in and learn how to stay ahead in the evolving cybersecurity landscape.⁠⁠⁠Download Episode Transcript⁠⁠⁠Useful Links:Learn how the shared responsibility model for SAP Cloud ERP Private defines roles, streamlines operations, and improves security and compliance: Operate your cloud ERP with confidence and control SAP Cloud ERPInfosysFollow Us on Social Media!⁠⁠⁠SAP Cloud ERP - LinkedIn⁠⁠⁠=====Guest: Aditya Thakurdesai, Director – Enterprise Security , InfosysAditya is a seasoned SAP Security and GRC professional, currently serving as Director – Enterprise Security at Infosys. With nearly two decades of experience, he has delivered transformative security solutions that seamlessly integrate deep domain expertise with emerging technologies. In his current role, Aditya heads the Manufacturing and Communications, Media & Technology segments within Infosys' Enterprise Risk Management Services group. He also drives strategic Centre of Excellence initiatives focused on security transformation, intelligent automation, and AI innovation. His current passion lies in Agentic AI, where he has developed pioneering solution that introduce new levels of agility, compliance, and scalability to enterprise security operations.Host 1: Richard Howells, SAPRichard Howells has been working in the Supply Chain Management and Manufacturing space for over 30 years. He is responsible for driving the thought leadership and awareness of SAP's ERP, Finance, and Supply Chain solutions and is an active writer, podcaster, and thought leader on the topics of supply chain, Industry 4.0, digitization, and sustainability.Follow Richard Howell on ⁠⁠⁠LinkedIn⁠⁠⁠ and ⁠⁠⁠X⁠⁠⁠Host 2: Oyku Ilgar, SAPOyku Ilgar is a marketer and thought leader specializing in SAP's digital supply chain and ERP solutions since 2017. As a marketer, blogger, and podcaster, she creates engaging content that highlights innovative SAP technologies and explores key topics including business trends, AI, Industry 4.0, and sustainability.She holds dual bachelor's degrees in Finance & Accounting and English Translation, along with a master's degree in Business Administration and Foreign Trade, specializing in marketing. With her background in digital transformation, Oyku communicates technology trends and industry insights to help professionals navigate the evolving business landscape.Oyku's LinkedIn and SAP Community=====Key Topics: Identity Management, Access Management, Cloud ERP, Shared Responsibility, Compliance, Security, Artificial Intelligence, AI, Threat Detection, Case Studies

Rob Hughes — CISO at RSA and Champion of a Passwordless FutureNo Password Required Season 7:  Episode 1 - Rob HughesRob Hughes, the CISO at RSA, has more than 25 years of experience leading security and cloud infrastructure teams. In this episode, he reflects on his unconventional career path, from co-founding the original Geek.com and serving as its Chief Technologist during the early days of the internet, to leading security and systems design at Philips Home Monitoring.Jack Clabby of Carlton Fields, P.A. and Kayley Melton welcome Rob for a wide-ranging conversation on identity, leadership, and the realities of modern cybersecurity. Rob currently leads RSA's Security and Risk Office, overseeing cybersecurity, information security governance, and risk across both RSA's products and corporate environment.Rob explains his dream for a passwordless future. He unpacks why passwords remain one of the largest sources of cyber risk, how real-world incidents and password-spraying attacks have accelerated change, and why phishing-resistant technologies like passkeys may finally be reaching a tipping point.  The episode wraps with the Lifestyle Polygraph, where Rob lightens the conversation with stories about gaming with his kids, underrated horror films, and classic cars.Follow Rob on LinkedIn: https://www.linkedin.com/in/robert-hughes-816067a4/Chapters: 00:00 Introduction to No Password Required01:43 Meet Rob Hughes, CISO at RSA02:05 The Role of a CISO in a Security Company05:09 Transitioning to the CISO Role08:00 The Early Days of Geek.com12:14 Launching a Startup During the Dot Com Boom14:30 The Push for a Passwordless Future18:21 Tipping Point for Passwordless Adoption20:20 Ongoing Learning in Cybersecurity26:09 Managing Stress in High-Pressure Environments33:46 The Lifestyle Polygraph Begins34:15 Career Insights in Cybersecurity36:08 Dream Cars and Personal Preferences39:58 Underrated Horror Films41:19 Creating a Cybersecurity Monster

Cybersecurity teams are facing a double edged sword of challenges and opportunities. On the one hand, AI tools offer a great deal of autonomous working and the promise of automating some of the more laborious tasks that a cybersecurity team has to undertake.On the other hand, attackers are also using AI to launch large scale attacks such as sophisticated phishing campaigns and identity theft. To fight this threat, cybersecurity teams will need to unify data like never before and take advantage of as many new technologies and processes as they can.How can they go about this? And what does a unified cybersecurity strategy really look like in 2026?In this episode, Rory is joined by Mandy Andress, chief information security officer at Elastic, to explore how businesses can evolve their threat detection and security posture, as well as how AI is lowering the barrier to entry for attackers.Read more:In the age of AI threats, the future of security is unifiedAI-generated code is now the cause of one-in-five breaches – but developers and security leaders alike are convinced the technology will come good eventuallyAI-generated code risks: What CISOs need to knowAgentic AI carries huge implications for security teams - here's what leaders should knowThe NCSC touts honeypots and ‘cyber deception' tactics as the key to combating hackers — but they could ‘lead to a false sense of security'

Join us for this week's Defender Fridays as we explore the reality of AI-powered malware threats with Randy Pargman, Senior Director of Threat Detection at Proofpoint.At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.In this episode, Randy challenges the hype around AI-powered polymorphic malware and examines how threat actors actually operate in practice. He discusses why defenders should focus on real-world threats rather than theoretical sophisticated attacks.Key Topics:The gap between AI malware hype and practical realityWhy threat actors prefer simple, effective methods over sophisticated techniquesThe prevalence of legitimate RMM tools in modern attacksBuilding practical detection strategies for actual threatsLessons from physical security that apply to cybersecurity defenseRandy Pargman is Senior Director of Threat Detection at Proofpoint, where he leads detection engineering, sandbox development, and threat actor tracking initiatives. Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience. Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!This episode is brought to you by LimaCharlie, the world's first SecOps Cloud Platform (SCP). Build and customize your security stack like "lego blocks" with our flexible, API-first solution.Eliminate vendor sprawl and tool complexityDeploy and scale effortlessly on native multi-tenant architectureReduce costs with intelligent data routing and free 1-year retentionBuild custom solutions with 100+ security capabilities on-demandImprove response times with automation and real-time capabilitiesTry the SecOps Cloud Platform free: https://limacharlie.ioHost: Maxime Lamothe-Brassard - Founder at LimaCharlie

Many salespeople lose the deal long before they speak, because the brain decides whether to trust you in seconds. In this episode of The Next Level Podcast, Jeremy Miner talks with René Rodriguez, bestselling author, keynote speaker, and expert in applying behavioral neuroscience to real-world sales situations. René explains why 93% of communication happens before the words leave your mouth, how tonality and body language trigger either safety or resistance in the brain, and how elite salespeople use framing, storytelling, and emotional tie-downs to guide a prospect's thinking without pressure. If you want to master human behavior, prevent objections before they happen, and sell the way the brain naturally buys, this conversation covers it all.   Chapters: (00:00) Introduction (02:10) René's Background in Neuroscience and Selling Change (07:26) How the Brain Makes Decisions (and Why Buyers Resist Change) (11:00) Tonality, Threat Detection, and the 93% Rule (14:52) Body Language, Congruency, and Subconscious Cues (20:11) How Elite Salespeople Prevent Objections (Not Handle Them) (26:12) Storytelling, Framing, and the Tie-Down Formula (33:58) Using Hand Gestures, Tone, and Presence to Increase Trust   Connect with René Instagram: ⁠https://www.instagram.com/learnwithrene/⁠ Website: ⁠https://www.meetrene.com/⁠ Amplify Your Influence Book: ⁠https://www.amplifybook.com⁠   Got a question about sales, persuasion, or objection handling? Text me directly: ⁠+1-480-481-6755⁠   Join the 7th Level University: ⁠https://whop.com/discover/7thlevel/⁠   Join the waitlist for the Ask Jeremy 7q.AI : ⁠https://7q.ai/waitlist⁠   Join the 7th Level Sales Team: ⁠https://hardlyselling.hirebus-careers.com/closer-7th-level⁠   The exact NEPQ script I used to earn $2.4M/year as a W-2 sales rep: ⁠https://nepqtraining.com/smv-yt-splt-opt-org⁠   Prefer to understand the psychology behind NEPQ first? Grab The New Model of Selling: Selling to an Unsellable Generation on Amazon:⁠ https://www.amazon.com/dp/1636980112⁠   Book a call with my team: ⁠https://7thlevelhq.com/book-demo/⁠   Connect with Jeremy Miner YouTube: ⁠https://www.youtube.com/@jeremeyminer⁠ Instagram:⁠ https://www.instagram.com/jeremyleeminer/⁠ LinkedIn: ⁠https://www.linkedin.com/in/jeremyleeminer/⁠ Facebook: ⁠https://www.facebook.com/jeremy.miner.52⁠

Many salespeople lose the deal long before they speak, because the brain decides whether to trust you in seconds. In this episode of The Next Level Podcast, Jeremy Miner talks with René Rodriguez, bestselling author, keynote speaker, and expert in applying behavioral neuroscience to real-world sales situations. René explains why 93% of communication happens before the words leave your mouth, how tonality and body language trigger either safety or resistance in the brain, and how elite salespeople use framing, storytelling, and emotional tie-downs to guide a prospect's thinking without pressure. If you want to master human behavior, prevent objections before they happen, and sell the way the brain naturally buys, this conversation covers it all.Chapters:(00:00) Introduction (02:10) René's Background in Neuroscience and Selling Change(07:26) How the Brain Makes Decisions (and Why Buyers Resist Change)(11:00) Tonality, Threat Detection, and the 93% Rule(14:52) Body Language, Congruency, and Subconscious Cues(20:11) How Elite Salespeople Prevent Objections (Not Handle Them)(26:12) Storytelling, Framing, and the Tie-Down Formula(33:58) Using Hand Gestures, Tone, and Presence to Increase TrustConnect with René Instagram: https://www.instagram.com/learnwithrene/Website: https://www.meetrene.com/Amplify Your Influence Book: https://www.amplifybook.comGot a question about sales, persuasion, or objection handling? Text me directly: +1-480-481-6755Join the 7th Level University: https://whop.com/discover/7thlevel/Join the waitlist for the Ask Jeremy 7q.AI : https://7q.ai/waitlistJoin the 7th Level Sales Team: https://hardlyselling.hirebus-careers.com/closer-7th-levelThe exact NEPQ script I used to earn $2.4M/year as a W-2 sales rep: https://nepqtraining.com/smv-yt-splt-opt-orgPrefer to understand the psychology behind NEPQ first? Grab The New Model of Selling: Selling to an Unsellable Generation on Amazon: https://www.amazon.com/dp/1636980112Book a call with my team: https://7thlevelhq.com/book-demo/Connect with Jeremy MinerYouTube: https://www.youtube.com/@jeremeyminerInstagram: https://www.instagram.com/jeremyleeminer/LinkedIn: https://www.linkedin.com/in/jeremyleeminer/Facebook: https://www.facebook.com/jeremy.miner.52

What is the future of MDR?In this episode of the mnemonic security podcast, Robby is joined by Migjen Hakaj from mnemonic's Innovation & Emerging Technologies Department and Amine Besson, wearing many hats including Detection Engineering & Threat Hunting SIG Chair at FIRST, Detection Engineering Tech Lead at the European Commission, and Threat Detection & Response Expert at the EU CyberNet.They've joined forces by collecting their shared extensive experience with security monitoring, and published a popular three-part blog series on what Managed Detection and Response (MDR) really is on a deep level, where they examine the past, present, and future challenges within the field.In their conversation they talk about the evolution of the SOC space, what main forms of security operations they are seeing today, and why they believe the SOC needs to change.They also explain why it's hard to define what MDR really is today, the main value proposition of MDR providers, and what the next big differentiators for MDR providers will be. As well as in what ways they've seen that the industry has matured over the last few years, where the industry needs radical change, and where AI SOC has a place and where its main challenges lie.Interested in more? Visit their blog series:The Present and Future of Managed Detection and Response: https://detect.fyi/the-present-and-future-of-managed-detection-and-response-01a72088e6f6The missing link in MDR. Spoiler, it starts with a Detection Engineering framework: https://detect.fyi/the-missing-link-in-mdr-spoiler-it-starts-with-a-detection-engineering-framework-5f836347c92fBeyond Detections : Scaling Analysis & Response to keep MDR relevant: https://detect.fyi/beyond-detections-scaling-analysis-response-to-keep-mdr-relevant-592285d0fd25Send us a text

In this episode of Security Matters, Chris Schueler, CEO of Cyderes, joins host David Puner for a dive into the evolving challenges of enterprise security. The conversation explores the dangers of privilege creep, the explosion of machine identities, and why accountability at every point of interaction is essential for building resilient teams and systems. Chris shares insights on the risks of unmanaged access, the impact of AI and automation on both defense and attack strategies, and practical advice for CISOs and boards on managing identity risk while enabling business transformation. Whether you're a security leader, practitioner, or simply interested in the future of cybersecurity, this episode delivers actionable guidance and fresh perspectives on safeguarding your organization's reputation, continuity, and trust.

Our featured guest this week is Greg Foss, Manager - Threat Detection @ Datadog, interviewed by Frank Victory. News from Echostar, Space Command, DenAI Summit, CU Boulder, Webroot, Red Canary, Zvelo, Optiv, Ping Identity, and a lot more! You can find Greg and Frank at the following events if you'd like to see them in purpose:Greg: Lunch keynote at the CSA Fall Summit 2025 October 29th Frank: BSides Colorado Springs - "Pyramid of Pain - Defenders Edition" October 25th SnowFROC 2026 - March 26 and 27 University of Michigan CyberSecurity Symposium - Challenges of Training the Next Generation of Cybersecurity Professionals - October 30th Come join us on the Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: EchoStar unloads wireless spectrum to Musk's SpaceX for $17 billion Will Colorado lose 30,000 jobs when Space Command moves to Alabama? CU Boulder ranked No. 1 for launching startups based on university discoveries Guarding your family against the latest online threats Node problem: Tracking recent npm package compromises SaaS Risk Management for Vendors in the Age of AI Cybersecurity Capabilities for Maturing Your TPRM Programs Complying with NIST SP 800-63-4 Standards: Identity as the Roadmap Redefining incident response in the age of AI Upcoming Events: Check out the full calendar ISSA Denver - Denver ISSA Chapter Meeting at Secure World: How I Got Caught: A Deep Dive Into a 800K Fraud - 10/9 ISACA Denver - October Chapter Meeting - 10/16 ASIS Denver - ASIS ROCKY MOUNTAIN TRADE SHOW and NETWORKING - 10/21 ISSA Pikes Peak - Chapter Meeting - 10/22 CSA - CSA Fall Summit - 10/29 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

In this episode of "The Free Lawyer," host Gary interviews neuro coach and Neuro Savvy founder Keshawn Hughes. Drawing from her own experience with burnout, Keshawn shares how neuroscience-based coaching can help lawyers and other professionals manage stress, improve leadership, and foster healthier workplace cultures. The conversation covers practical tools like the SCARF model, breathwork, and visualization, emphasizing self-awareness, intentional breaks, and connection. Keshawn encourages listeners to find fulfillment beyond competition and perfectionism, while Gary highlights the importance of collaboration and self-care for a more rewarding legal career.Keshawn Hughes, M.S. is a NeuroLeadership Strategist, Executive Coach, and Founder of NeuroSavvy® Leadership, a Women's Business Enterprise National Council (WBENC)- and Women-Owned Small Business-certified firm transforming workplaces through brain science and authentic leadership. With two decades of experience guiding global brands, Keshawn integrates neuroscience, communication, and business strategy to help corporations improve employee productivity, retention, and engagement.Known for her ability to make complex brain science deeply practical, Keshawn equips HR and Tech leaders with proven strategies to enhance well-being, fuel performance, and develop cultures of high-impact leadership. She is certified by the International Coaching Federation (ICF) and actively involved with the Society for Human Resource Management (SHRM) and the Association for Talent Development (ATD).Based in Atlanta, Georgia, Keshawn lives with her husband and daughter, and brings heart, clarity, and bold insights to every stage she steps on.Here is her free Breakout from Burnout Guide- https://keshawnhughes.com/breakout-from-burnout-guideKeshawn's Background and Burnout Journey (00:00:54)What is Neuro Coaching? (00:04:16).Neuroscience for Managing Lawyer Stress (00:06:24)Keshawn's Personal Burnout Story (00:10:00)Why Lawyers Struggle with Communication and Leadership (00:13:14)The SCARF Model and the “SCARF Trap” (00:16:43)SCARF in Law Firms: Competition and Perfectionism (00:17:57)Threat Detection and Decision-Making Under Stress (00:22:19)Applying Neuroscience to Difficult Interactions (00:23:51)Practical Tools: Nature, Breathwork, and Box Breathing (00:26:38)Visualization and the Brain (00:29:42)Connect Before You Correct: Feedback and Delegation (00:31:40)Building Trust and Overcoming Micromanagement (00:34:27)Finding Fulfillment and Mindfulness Practices (00:37:13)Would you like to learn more about Breaking Free or order your copy? https://www.garymiles.net/break-free Would you like to schedule a complimentary discovery call? You can do so here: https://calendly.com/garymiles-successcoach/one-one-discovery-call

Show #2488 Show Notes: New Israeli AI “Threat Detection”: https://www.youtube.com/watch?v=Fh4r3E1MB0k Your gift isn’t for you: https://www.youtube.com/shorts/HEzbz5ePTTc Nick Sabin’s Greatest Hits: https://www.instagram.com/reel/DLVOJsgMmuC/ Righteous Hunter by John Rich: https://www.facebook.com/reel/24360728816930286 Coach’s Latest Commentary – Christianity is a Contact Sport: https://coachdavelive.com/articles/christianity-is-a-contact-sport Psalm 78: https://www.biblegateway.com/passage/?search=psalm%2078&version=KJV Matthew 11: https://www.biblegateway.com/passage/?search=Matthew%2011&version=KJV Centerfield – John Fogerty: https://www.youtube.com/watch?v=nOwPr6kGHRE&list=RDnOwPr6kGHRE&start_radio=1

Guest: Rick Correa,Uber TL Google SecOps, Google Cloud Topics: On the 3rd anniversary of Curated Detections, you've grown from 70 rules to over 4700. Can you walk us through that journey? What were some of the key inflection points and what have been the biggest lessons learned in scaling a detection portfolio so massively? Historically the SecOps Curated Detection content was opaque, which led to, understandably, a bit of customer friction. We've recently made nearly all of that content transparent and editable by users. What were the challenges in that transition? You make a distinction between "Detection-as-Code" and a more mature "Software Engineering" paradigm. What gets better for a security team when they move beyond just version control and a CI/CD pipeline and start incorporating things like unit testing, readability reviews, and performance testing for their detections? The idea of a "Goldilocks Zone" for detections is intriguing – not too many, not too few. How do you find that balance, and what are the metrics that matter when measuring the effectiveness of a detection program? You mentioned customer feedback is important, but a confusion matrix isn't possible, why is that? You talk about enabling customers to use your "building blocks" to create their own detections. Can you give us a practical example of how a customer might use a building block for something like detecting VPN and Tor traffic to augment their security? You have started using LLMs for reviewing the explainability of human-generated metadata. Can you expand on that? What have you found are the ripe areas for AI in detection engineering, and can you share any anecdotes of where AI has succeeded and where it has failed?    Resources EP197 SIEM (Decoupled or Not), and Security Data Lakes: A Google SecOps Perspective EP231 Beyond the Buzzword: Practical Detection as Code in the Enterprise EP181 Detection Engineering Deep Dive: From Career Paths to Scaling SOC Teams EP139 What is Chronicle? Beyond XDR and into the Next Generation of Security Operations EP123 The Good, the Bad, and the Epic of Threat Detection at Scale with Panther “Back to Cooking: Detection Engineer vs Detection Consumer, Again?” blog “On Trust and Transparency in Detection” blog “Detection Engineering Weekly” newsletter “Practical Threat Detection Engineering” book

Send us a textIn this refreshingly candid episode of the Joey Pinz Discipline Conversations podcast, Joey dives deep with Nadav Shenker, CEO of Vircom, a leading provider of email security solutions.

Join Automox CISO and SVP of Product Jason Kikta for a recap of Black Hat and DEF CON 2025. In this episode, Jason shares his take on the conversation around AI in cybersecurity shifting from hype to practical tools for defenders. Hear why integrating AI into your CI/CD pipeline, alert triage, and vulnerability management could be a game changer, plus thoughts on choosing the right security events for your personality and goals. Whether you're a conference veteran or a curious first-timer, this episode offers insights, humor, and encouragement to get more involved in the security community.

Summary:In today's episode, Les speaks with Chris Peterson, co-founder and CEO of Radicl, and a pioneer in cybersecurity innovation. Chris shares his inspiring journey from early days at Price Waterhouse to co-founding LogRhythm, and now leading Radicl - a company on a mission to bring military-grade cybersecurity to small and medium-sized businesses (SMBs), especially those in the defense industrial base (DIB). With humility, vision, and deep industry experience, Chris talks about the challenges of cybersecurity for SMBs, the promise of AI in threat detection, and the principles that drive Radicl's product and culture.Here's a closer look at the episode:1. Chris's Cybersecurity RootsGrew up curious and mischievous - early hacking instincts emerged from pushing boundaries.First tech job at Price Waterhouse, where he was inspired by early internet penetration testing.Mentored by pioneers like George Kurtz (founder of CrowdStrike) and Ron Gula.Early work included database security assessments and automated audit tools.2. Building LogRhythmCo-founded LogRhythm after stints at Counterpane and Tenable.Bootstrapped early development by selling his home and self-funding the venture.Partnered with Phil Villella (nuclear physicist) and Andy Grolnick (CEO) to scale the company.Lessons from early days: founder commitment, frugality, focus on product-market fit.LogRhythm grew to 500 employees before exiting via private equity in 2018.3. The Genesis of RadiclFounded Radicl to address cybersecurity gaps in SMBs within the defense supply chain.Inspired by the SolarWinds hack and national security threats.Assembled a founding team including his brother Matt and a former fighter pilot.Mission: protect under-defended SMBs in DIB against industrial espionage.4. The Opportunity and Market NeedDIB SMBs are often unable to afford or operate traditional cybersecurity solutions.Barriers include tight margins, complex compliance (e.g. CMMC), and lack of in-house talent.Advances in cloud, automation, and AI now make affordable, scalable solutions viable.Radicl addresses both compliance operations and 24/7 security operations via software + human hybrid model.5. Radicl's Product and PlatformDelivers “virtual SOC” capabilities—blending human expertise with AI and automation.Handles CMMC readiness, threat detection, incident response, and vulnerability management.Designed for transparency: customers can engage with Radicl's ops team in-platform.AI-driven agents are increasingly being introduced to reduce cost and improve response times.6. Looking AheadPreparing for a Series A raise in the next 4–6 months to accelerate R&D investment.Focused on doubling down on AI innovation and expanding platform features.Vision: democratize advanced cybersecurity for SMBs while delivering elite protection to the DIB.Chris aims to balance company building with family, health, and meditation—striving for better life integration as a second-time founder.Resources:Website: RADICLhttps://www.linkedin.com/company/radicl-defense/ https://radicl.com/Chris Petersonhttps://www.linkedin.com/in/chrispetersen1/ https://radicl.com/bio-chris-petersen 

⬥GUEST⬥Sean Metcalf, Identity Security Architect at TrustedSec | On LinkedIn: https://www.linkedin.com/in/seanmmetcalf/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥EPISODE NOTES⬥Sean Metcalf, a frequent speaker at conferences like Black Hat, DEF CON, and RSAC, brings a sharp focus to identity security—especially within Microsoft environments like Active Directory and Entra ID. In this episode, he walks through the practical and tactical role of honeypots and deception in detecting intrusions early and with higher fidelity.While traditional detection tools often aim for broad coverage, honeypots flip the script by offering precise signal amidst the noise. Metcalf discusses how defenders can take advantage of the attacker's need to enumerate systems and accounts after gaining access. That need becomes an opportunity to embed traps—accounts or assets that should never be touched unless someone is doing something suspicious.One core recommendation: repurpose old service accounts with long-lived passwords and believable naming conventions. These make excellent bait for Kerberoasting attempts, especially when paired with service principal names (SPNs) that mimic actual applications. Metcalf outlines how even subtle design choices—like naming conventions that fit organizational patterns—can make a honeypot more convincing and effective.He also draws a distinction between honeypots and deception technologies. While honeypots often consist of a few well-placed traps, deception platforms offer full-scale phantom environments. Regardless of approach, the goal remains the same: attackers shouldn't be able to move around your environment without tripping over something that alerts the defender.Importantly, Metcalf emphasizes that alerts triggered by honeypots are high-value. Since no legitimate user should interact with them, they provide early warning with low false positives. He also addresses the internal politics of deploying these traps, from coordinating with IT operations to ensuring SOC teams have the right procedures in place to respond effectively.Whether you're running a high-end deception platform or just deploying free tokens and traps, the message is clear: identity is the new perimeter, and a few strategic tripwires could mean the difference between breach detection and breach denial.⬥SPONSORS⬥LevelBlue: https://itspm.ag/attcybersecurity-3jdk3ThreatLocker: https://itspm.ag/threatlocker-r974⬥RESOURCES⬥Inspiring Post: https://www.linkedin.com/posts/activity-7353806074694541313-xzQl/Article: The Art of the Honeypot Account: Making the Unusual Look Normal: https://www.hub.trimarcsecurity.com/post/the-art-of-the-honeypot-account-making-the-unusual-look-normalArticle: Trimarc Research: Detecting Kerberoasting Activity: https://www.hub.trimarcsecurity.com/post/trimarc-research-detecting-kerberoasting-activityArticle: Detecting Password Spraying with Security Event Auditing: https://www.hub.trimarcsecurity.com/post/trimarc-research-detecting-password-spraying-with-security-event-auditing⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast: 

ThreatLocker to Unveil Game-Changing Zero Trust Innovations at Black Hat 2025 | Visit Them at Booth #1933 | A ThreatLocker Pre-Event Coverage of Black Hat USA 2025 Las Vegas | Brand Story with John LillistonJoin ITSP Magazine's Marco Ciappelli and Sean Martin as they preview ThreatLocker's exciting Black Hat 2025 presence with Detect Product Director John Lilliston. Discover upcoming major announcements, hands-on hacking demos, and how ThreatLocker's default deny approach is revolutionizing enterprise cybersecurity through comprehensive zero trust implementation.As Black Hat USA 2025 approaches, cybersecurity professionals are gearing up for one of the industry's most anticipated events. ITSP Magazine's Marco Ciappelli and Sean Martin recently sat down with John Lilliston, ThreatLocker's Detect Product Director, to preview what promises to be an exciting showcase of zero trust innovation at booth 1933.ThreatLocker has become synonymous with the "default deny" security approach, a philosophy that fundamentally changes how organizations protect their digital assets. Unlike traditional security models that allow by default and block known threats, ThreatLocker's approach denies everything by default and allows only approved applications, network communications, and storage operations. This comprehensive strategy operates across application, network, and storage levels, creating what Lilliston describes as a "hardened system that stops adversaries in their tracks."The company's rapid growth reflects the industry's embrace of zero trust principles, moving beyond buzzword status to practical, enterprise-ready solutions. Lilliston, who joined ThreatLocker in February after evaluating their products from the enterprise side, emphasizes how the platform's learning mode and ring fencing capabilities set it apart from competitors in the application control space.At Black Hat 2025, ThreatLocker will demonstrate their defense-in-depth strategy through their Detect product line. While their primary zero trust controls rarely fail, Detect provides crucial monitoring for applications that must run in enterprise environments but may have elevated risk profiles. The system can automatically orchestrate responses to threats, such as locking down browsers exhibiting irregular behavior that might indicate data exfiltration attempts.Visitors to booth 1933 can expect hands-on demonstrations and on-demand hacking scenarios that showcase real-world applications of ThreatLocker's technology. The company is preparing major announcements that CEO Danny Houlihan will reveal during the event, promising game-changing developments for both the organization and its client base.ThreatLocker's Black Hat agenda includes a welcome reception on Tuesday, August 5th, from 7-10 PM at the Mandalay Bay Complex, and Houlihan's presentation on "Simplifying Cybersecurity" on Thursday, August 7th, from 10:15-11:05 AM at Mandalay Bay J.The convergence of practical zero trust implementation, cutting-edge threat detection, and automated response capabilities positions ThreatLocker as a key player in the evolving cybersecurity landscape, making their Black Hat presence essential viewing for security professionals seeking comprehensive protection strategies.Keywords: Black Hat 2025, zero trust security, cybersecurity conference, ThreatLocker, default deny strategy, endpoint protection, application control, threat detection, enterprise security, network security, cybersecurity solutions, security automation, malware prevention, cyber threats, information security, security platform, Black Hat USA, cybersecurity innovation, managed detection response, security operationsLearn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content.Learn more.Guests:John LillistonCybersecurity Director | Threat Detection & Response | SOC Leadership | DFIR | EDR/XDR Strategy | GCFA, GISP | https://www.linkedin.com/in/john-lilliston-4725217b/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com______________________ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerThreatLocker® Welcome Reception | Don't gamble with your security! Join us at Black Hat for a lively Welcome Reception hosted by ThreatLocker®. Meet our Cyber Hero® Team and dive into discussions on the latest advancements in ThreatLocker®Endpoint Security. It's a great opportunity to connect and learn together! ‍‍Time: 7PM - 10PM | Location: Mandalay Bay Complex RSVP below and we'll send you a confirmation email with all the details.[ Welcome Reception RSVP ]Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Mark Stevens, SVP, Channels and Alliances, discusses how SecurityScorecard's strategic partnership with AWS enables them to scale their security solutions through cloud infrastructure, marketplace integration, and co-sell programsTopics Include:SecurityScorecard founded 10 years ago to understand third-party vendor security postureCompany has grown to 3,000 enterprise customers and 200+ partners globallyEvolved from ratings to "supply chain detection and response" over last yearSupply chain threats have doubled, creating extended attack surfaces for companiesMany organizations don't know their vendor count or vulnerabilities within supply chainsSecurityScorecard provides visibility into attack surfaces and management tools for controlGenerative AI is central to their ecosystem, leveraging AWS Bedrock extensivelyThey scan the entire internet every two days at massive scaleHave scored 12 million companies with security scorecards to dateAll workloads run on AWS cloud infrastructure as their primary platformAWS partnership provides necessary scale for managing hundreds of thousands of vendorsCase study: Identified vendor misconfigurations that could shut down 1,000 locationsOwn massive 10-year data lake with tens of millions of companiesNew managed service combines AI automation with human analysts for supportLarge organizations cannot fully automate supply chain security management yetQuality threat intelligence data now valuable to SOC teams, not just riskThird-party risk management and SOC teams are slowly converging for better securityAWS marketplace integration provides frictionless customer experience and larger dealsCo-sell programs with AWS enterprise sales teams create effective flywheel motionFuture expansion includes identity management, response actions, and internal signal managementParticipants:Mark Stevens – SVP, Channels and Alliances, SecurityScorecardFurther Links:SecurityScorecard.ioSecurityScorecard AWS MarketplaceSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Guest: David French, Staff Adoption Engineer, Google Cloud Topic: Detection as code is one of those meme phrases I hear a lot, but I'm not sure everyone means the same thing when they say it. Could you tell us what you mean by it, and what upside it has for organizations in your model of it? What gets better for security teams and security outcomes when you start managing in a DAC world? What is primary, actual code or using SWE-style process for detection work? Not every SIEM has a good set of APIs for this, right? What's a team to do in a world of no or low API support for this model?  If we're talking about as-code models, one of the important parts of regular software development is testing. How should teams think about testing their detection corpus? Where do we even start? Smoke tests? Unit tests?  You talk about a rule schema–you might also think of it in code terms as a standard interface on the detection objects–how should organizations think about standardizing this, and why should they? If we're into a world of detection rules as code and detections as code, can we also think about alert handling via code? This is like SOAR but with more of a software engineering approach, right?  One more thing that stood out to me in your presentation was the call for sharing detection content. Is this between vendors, vendors and end users?  Resources: Can We Have “Detection as Code”? Testing in Detection Engineering (Part 8) “So Good They Can't Ignore You: Why Skills Trump Passion in the Quest for Work You Love” book EP202 Beyond Tiered SOCs: Detection as Code and the Rise of Response Engineering EP181 Detection Engineering Deep Dive: From Career Paths to Scaling SOC Teams EP123 The Good, the Bad, and the Epic of Threat Detection at Scale with Panther Getting Started with Detection-as-Code and Google SecOps Detection Engineering Demystified: Building Custom Detections for GitHub Enterprise From soup to nuts: Building a Detection-as-Code pipeline David French - Medium Blog Detection Engineering Maturity Matrix  

Guest Alan Braithwaite, Co-founder and CTO @ RunReveal Topics: SIEM is hard, and many vendors have discovered this over the years. You need to get storage, security and integration complexity just right. You also need to be better than incumbents. How would you approach this now? Decoupled SIEM vs SIEM/EDR/XDR combo. These point in the opposite directions, which side do you think will win? In a world where data volumes are exploding, especially in cloud environments, you're building a SIEM with ClickHouse as its backend, focusing on both parsed and raw logs. What's the core advantage of this approach, and how does it address the limitations of traditional SIEMs in handling scale?  Cribl, Bindplane and “security pipeline vendors” are all the rage. Won't it be logical to just include this into a modern SIEM? You're envisioning a 'Pipeline QL' that compiles to SQL, enabling 'detection in SQL.' This sounds like a significant shift, and perhaps not to the better? (Anton is horrified, for once) How does this approach affect detection engineering? With Sigma HQ support out-of-the-box, and the ability to convert SPL to Sigma, you're clearly aiming for interoperability. How crucial is this approach in your vision, and how do you see it benefiting the security community? What is SIEM in 2025 and beyond?  What's the endgame for security telemetry data? Is this truly SIEM 3.0, 4.0 or whatever-oh? Resources: EP197 SIEM (Decoupled or Not), and Security Data Lakes: A Google SecOps Perspective EP123 The Good, the Bad, and the Epic of Threat Detection at Scale with Panther EP190 Unraveling the Security Data Fabric: Need, Benefits, and Futures “20 Years of SIEM: Celebrating My Dubious Anniversary” blog “RSA 2025: AI's Promise vs. Security's Past — A Reality Check” blog tl;dr security newsletter Introducing a RunReveal Model Context Protocol Server! MCP: Building Your SecOps AI Ecosystem AI Runbooks for Google SecOps: Security Operations with Model Context Protocol  

Is Artificial Intelligence the ultimate security dragon, we need to slay, or a powerful ally we must train? Recorded LIVE at BSidesSF, this special episode dives headfirst into the most pressing debates around AI security.Join host Ashish Rajan as he navigates the complex landscape of AI threats and opportunities with two leading experts:Jackie Bow (Anthropic): Championing the "How to Train Your Dragon" approach, Jackie reveals how we can leverage AI, and even its 'hallucinations,' for advanced threat detection, response, and creative security solutions.Kane Narraway (Canva): Taking the "Knight/Wizard" stance, Kane illuminates the critical challenges in securing AI systems, understanding the new layers of risk, and the complexities of AI threat modeling.

In today's episode of Tech Talks Daily, I reconnect with Abnormal AI's CIO, Mike Britton, to explore one of the most pressing topics in the tech world—AI regulation and cybersecurity.  Speaking from his base near Dallas, Mike brings a pragmatic perspective shaped by decades of experience at the intersection of enterprise technology and security. As the debate around artificial intelligence evolves, we examine the growing divide between the United States and Europe on regulatory approaches and what business leaders can learn from each side. While Europe takes a more cohesive, application-based approach, the US remains fragmented, relying on state-by-state policies and sector-specific laws. Mike unpacks why this patchwork complicates global alignment and what an effective risk-based, standardized framework might look like. He argues that regulation must focus on how AI is applied, not just its scale, especially as the technology becomes embedded in everything from healthcare to email automation. We also touch on the unintended consequences of overregulation, including the risk of pushing innovation into regions with fewer safeguards. As Abnormal Security works with some of the world's largest brands, Mike offers a frontline view into how threat actors are already leveraging AI to outpace traditional defenses. His insights reinforce the need for transparency, human oversight, and "kill switches" to ensure AI remains a tool for good, not a liability. From real-world examples to strategic recommendations, Mike outlines what CIOs and CISOs need to know now. His advice is clear, grounded, and actionable, whether embracing regulatory sandboxes, staying alert to geopolitical nuances in AI models, or maintaining continuous learning in a fast-moving space. So, how do we keep innovation ethical and secure in a world where AI is moving faster than ever? And what steps should technology leaders take to avoid falling behind or losing control of the tools meant to drive progress?

In this episode, Subo Guha, Vice President of Product Management at Stellar Cyber, shares how the company is reshaping cybersecurity operations for managed service providers (MSPs) and their customers. Stellar Cyber's mission is to simplify security without compromising depth—making advanced cybersecurity capabilities accessible to organizations without enterprise-level resources.Subo walks through the foundations of their open XDR platform, which allows customers to retain the endpoint and network tools they already use—such as CrowdStrike or SentinelOne—without being locked into a single ecosystem. This flexibility proves especially valuable to MSSPs managing dozens or hundreds of customers with diverse toolsets, including those that have grown through acquisitions. The platform's modular sensor technology supports IT, OT, and hybrid environments, offering deep packet inspection, network detection, and even user behavior analytics to flag potential lateral movement or anomalous activity.One of the most compelling updates from the conversation is the introduction of their autonomous SOC capability. Subo emphasizes this is not about replacing humans but amplifying their efforts. The platform groups alerts into actionable cases, reducing noise and allowing analysts to respond faster. Built-in machine learning and threat intelligence feeds enrich data as it enters the system, helping determine if something is benign or a real threat.The episode also highlights new program launches like Infinity, which enhances business development and peer collaboration for MSSP partners, and their Cybersecurity Alliance, which deepens integration across a wide variety of security tools. These efforts reflect Stellar Cyber's strong commitment to ecosystem support and customer-centric growth.Subo closes by reinforcing the importance of scalability and affordability. Stellar Cyber offers a single platform with unified licensing to help MSSPs grow without adding complexity or cost. It's a clear statement: powerful security doesn't need to be out of reach for smaller teams or companies.This episode offers a practical view into what it takes to operationalize cybersecurity across diverse environments—and why automation with human collaboration is the path forward.Learn more about Stellar Cyber: https://itspm.ag/stellar-cyber--inc--357947Note: This story contains promotional content. Learn more.Guest: Subo Guha, Senior Vice President Product, Stellar Cyber | https://www.linkedin.com/in/suboguha/ResourcesLearn more and catch more stories from Stellar Cyber: https://www.itspmagazine.com/directory/stellarcyberLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, subo guha, xdr, mssp, cybersecurity, automation, soc, ai, ot, threat detection, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 

In this On Location Brand Story episode, Sean Martin speaks with Hugh Njemanze, Founder and CEO of Anomali, who has been at the center of cybersecurity operations since the early days of SIEM. Known for his prior work at ArcSight and now leading Anomali, Hugh shares what's driving a dramatic shift in how security teams access, analyze, and act on data.Anomali's latest offering—a native cloud-based next-generation SIEM—goes beyond traditional detection. It combines high-performance threat intelligence with agentic AI to deliver answers and take action in ways that legacy platforms simply cannot. Rather than querying data manually or relying on slow pipelines, the system dynamically spins up thousands of cloud resources to answer complex security questions in seconds.Agentic AI Meets Threat IntelligenceHugh walks through how agentic AI, purpose-built for security, breaks new ground. Unlike general-purpose models, Anomali's AI operates within a secure, bounded dataset tailored to the customer's environment. It can ingest a hundred-page threat briefing, extract references to actors and tactics, map those to the MITRE ATT&CK framework, and assess the organization's specific exposure—all in moments. Then it goes a step further: evaluating past events, checking defenses, and recommending mitigations. This isn't just contextual awareness—it's operational intelligence at speed and scale.Making Security More Human-CentricOne clear theme emerges: the democratization of security tools. With Anomali's design, teams no longer need to rely on a few highly trained specialists. Broader teams can engage directly with the platform, reducing burnout and turnover, and increasing organizational resilience. Managers and security leaders now shift focus to prioritization, strategic decision-making, and meaningful business conversations—like aligning defenses to M&A activity or reporting to the board with clarity on risk.Real-World Results and Risk InsightsCustomers are already seeing measurable benefits: an 88% reduction in incidents and an increase in team-wide tool adoption. Anomali's system doesn't just detect—it correlates attack surface data with threat activity to highlight what's both vulnerable and actively targeted. This enables targeted response, cost-effective scaling, and better use of resources.Learn more about Anomali: https://itspm.ag/anomali-bdz393Note: This story contains promotional content. Learn more.Guest: Hugh Njemanze, Founder and President at Anomali | https://www.linkedin.com/in/hugh-njemanze-603721/ResourcesLearn more and catch more stories from Anomali: https://www.itspmagazine.com/directory/anomaliLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, hugh njemanze, siem, cybersecurity, ai, threat intelligence, agentic ai, risk management, soc, cloud security, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 

All Aboard the Innovation Express: RSAC 2025 On Track for Cybersecurity's FutureLet's face it—RSAC isn't just a conference anymore. It's a movement. A ritual. A block party for cybersecurity. And this year, it's pulling into the station with more tracks than ever before—figuratively and literally.In this On Location episode, we reconnect with Cecilia Murtagh Marinier, Vice President of Innovation and Scholars at RSAC, to dive into what makes the 2025 edition a can't-miss experience. And as always, Sean and Marco kick things off with a bit of improvisation, some travel jokes, and a whole lot of heart.From the 20th Anniversary of the Innovation Sandbox (with a massive $50M investment boost from Crosspoint Capital) to the growing Early Stage Expo, LaunchPad's Shark-Tank-style sessions, and the new Investor & Entrepreneur track, RSAC continues to set the stage for cybersecurity's next big thing.And this year, they're going bigger—literally. The expansion into the Yerba Buena Center for the Arts brings with it a mind-blowing immersive experience: DARPA's AI Cyber City, a physically interactive train ride through smart city scenarios, designed to show how cybersecurity touches everything—from water plants to hospitals, satellites to firmware.Add in eight hands-on villages, security scholars programs, coffee-fueled networking zones, and a renewed focus on inclusion, mentorship, and accessibility, and you've got something that feels less like an event and more like a living, breathing community.Cecilia also reminds us that RSAC is a place for everyone—from first-timers unsure where to begin to seasoned veterans ready to innovate and invest. It's about showing up, making a plan (or not), and being open to the unexpected conversations that happen in hallways, lounges, or over espresso in the sandbox village.And if you can't make it in person? RSAC has made sure that everything is accessible online—600 speakers, 600 vendors, and endless ways to engage, reflect, and be part of the global cybersecurity story.So whether you're hopping in the car, boarding a flight, or—who knows—riding a miniature DARPA train through Northridge City, one thing's for sure: RSAC 2025 is going full speed ahead—and we're bringing you along for the ride.⸻ 

In this Brand Story episode, Sean Martin and Marco Ciappelli sit down with Rob Allen, Chief Product Officer at ThreatLocker, to unpack how the company is reshaping endpoint security through a unique, control-first approach. Rob shares how ThreatLocker is challenging long-held assumptions about trust, visibility, and control in enterprise environments—and why the traditional “trust but verify” model is no longer good enough.From Default Permit to Default DenyThreatLocker's philosophy centers on a fundamental shift: moving from a default permit posture to a default deny stance. This approach, according to Rob, doesn't hinder operations—it creates boundaries that allow organizations to function safely and efficiently. It's not about locking systems down; it's about granting permissions with precision, so users can operate without even noticing security is present.Product Innovation Driven by Real FeedbackThe conversation highlights how customer input—and CEO Danny Jenkins' relentless presence at industry events—drives product development. New solutions like Web Control and Patch Management are designed as logical extensions of existing tools, allowing security teams to reduce risk without creating friction for end users. The addition of a software store, suggested by enterprise customers, gives users clarity on what's approved while reducing IT support tickets.Insights and the Detect DashboardRob also explains how ThreatLocker is unlocking the value of big data. With billions of data points collected every hour, their new Insights platform aggregates and analyzes cross-customer trends to better inform security decisions. Combined with the Detect Dashboard, teams now gain not only visibility but actionable intelligence—supported by polished visuals and streamlined workflows.More Than Just Tech—It's Peace of MindWhile the technology is impressive, Rob says the most rewarding feedback is simple: “ThreatLocker helps me sleep at night.” For many customers, that level of confidence is priceless. And in unexpected situations—like a blue-screen incident caused by third-party software—ThreatLocker has even been used to mitigate impacts in creative ways.Whether you're leading a global IT team or managing a growing MSP, this episode will make you think differently about how security fits into your operational strategy. Tune in to hear how ThreatLocker is turning bold ideas into real-world control.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content. Learn more.Guest: Rob Allen, Chief Product Officer at ThreatLockerOn LinkedIn | https://www.linkedin.com/in/threatlockerrob/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

As the cybersecurity world gears up for RSAC 2025 in San Francisco, we hit the road again—this time with Chris Pierson, Founder and CEO of BlackCloak, for a pre-event chat packed with insight, community spirit, and some big news.Chris is no stranger to the RSA stage—this year marks his 21st year presenting—and he's bringing his energy to two powerful sessions. The first, titled “Protecting What Matters: Your Family and Home,” kicks off bright and early on Monday, April 28. It's not about blinky lights or enterprise networks—it's about us. The cybersecurity community often talks about protecting organizations, but what about protecting ourselves and our families? Chris will explore how security pros can apply their skills at home, covering identity theft, scams, and home network safety. It's a refreshing and much-needed call to action that connects the personal and professional.On Wednesday, Chris returns with co-presenter James Shreve for a two-hour Learning Lab, “When Things Go Boom: Supply Chain Risk.” This Chatham House Rule session dives deep into one of today's most complex challenges: managing third-party risk without stopping the business in its tracks. Participants will step into different roles—board members, CISOs, legal, finance—to engage in a live, collaborative scenario that pushes them to think beyond checklists. Real talk. Real collaboration. And practical takeaways.But that's not all. BlackCloak is also unveiling its new Digital Executive Protection Framework, designed to help organizations assess and strengthen protections for executives and their families. Chris teases that this framework includes 14 essential tenets that blend physical, digital, and organizational awareness—and he'll be sitting down with us again at the event to go deeper.With 15–20 BlackCloak team members on site, a full schedule of meetings, events, and community conversations, this year is shaping up to be a milestone for BlackCloak at RSAC. If you're attending, keep an eye on their LinkedIn page for updates, booking links, and suite details.As Chris says, it's about lifting our heads, scanning the horizon, and showing up for our community—and our families.Keywords: RSAC2025, Chris Pierson, BlackCloak, cybersecurity, RSA Conference, digital protection, executive protection, supply chain risk, identity theft, privacy, home network security, third-party risk, CISOs, cybersecurity community, digital executive protection framework, GRC, threat intelligence, infosec, personal security, cybersecurity awareness______________________Guest: Chris Pierson, Founder & CEO of BLACKCLOAK | Digital Executive Protection | Concierge Cybersecurity & Privacy Protection . . . in their Personal Lives | On LinkedIn: https://www.linkedin.com/in/drchristopherpierson/Hosts:Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine:  https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode's SponsorsBLACKCLOAK:https://itspm.ag/itspbcweb____________________________ResourcesLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageChris SessionsProtecting What Matters—Your Family & Home https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1739369849404001eWtUWhen Things Go Boom! Your Supply Chain Riskhttps://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1727434586212001yGwMBLACKCLOAK WEBSITE:https://itspm.ag/itspbcweb____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage? Learn More

Join Marco and Sean in their annual pre-RSAC conversation with Linda Gray Martin and Britta Glade. Discover what's new and exciting at RSAC 2025—expanded campuses, innovative programming, and compelling guest speakers like Magic Johnson and Ron Howard. Dive into special events, immersive experiences, and the launch of a vibrant community platform aimed at fostering continuous learning and connection among cybersecurity professionals. Get ready for another unforgettable year celebrating many voices within one united community.Full Intro/Blog:RSA Conference 2025 is here, and Marco and Sean continue their beloved tradition with a vibrant preview conversation featuring Linda Gray Martin, Chief of Staff and Senior Vice President at RSAC, and Britta Glade, Senior Vice President, Content & Communities. This year's conference theme, "Many Voices, One Community," highlights the collaborative and inclusive spirit driving the cybersecurity world forward.In this engaging discussion, Marco and Sean explore the exciting expansions and innovations attendees can anticipate. RSAC is expanding its campus, taking over San Francisco's stunning Yerba Buena Center for the Arts, enhancing the attendee experience with a new keynote auditorium and the DARPA AI Cyber Challenge. The Sandbox area promises captivating interactive experiences, including a fictional town simulation designed to showcase AI's role in safeguarding critical infrastructure.Keynotes remain a conference highlight, with influential voices like NBA legend Magic Johnson sharing insights on teamwork, and filmmaker Ron Howard discussing storytelling and human connections in a unique father-daughter interview format. Closing celebrations feature an exciting conversation with Jamie Foxx, alongside vibrant performances from DJ Irie and local sensation Jazz Mafia.New educational tracks addressing essential topics such as Protecting Home and Family and Security Foundations ensure that content remains both relevant and accessible. The introduction of a new community membership platform is set to revolutionize ongoing engagement, offering secure messaging, tailored cybersecurity content, and collaborative opportunities long after the conference ends.Embrace the spirit of innovation, unity, and continuous growth at RSAC 2025, where the cybersecurity community comes together to drive meaningful change.Keywords:RSAC 2025, RSA Conference, cybersecurity, community, innovation, Magic Johnson, Ron Howard, Jamie Foxx, DARPA AI Cyber Challenge, Sandbox, Yerba Buena Center for the Arts, keynote speakers, networking, continuous learning, community membership platform, protecting home and family, security foundations, technology, inclusive community, immersive experience.__________________________________Guest: Linda Gray Martin | Chief of Staff, RSAC and Senior Vice President, RSA Conferencehttps://www.linkedin.com/in/linda-gray-martin-223708/Britta Glade | Senior Vice President, Content & Communities, RSA Conferencehttps://www.linkedin.com/in/britta-glade-5251003/Hosts:Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine:  https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode's SponsorsThreatLocker: https://itspm.ag/threatlocker-r974Akamai: https://itspm.ag/akamailbwcBlackCloak: https://itspm.ag/itspbcwebSandboxAQ: https://itspm.ag/sandboxaq-j2enArcher: https://itspm.ag/rsaarchwebDropzone AI: https://itspm.ag/dropzoneai-641____________________________ResourcesLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society & Technology stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-and-technology-podcastWant to tell your Brand Story Briefing as part of our event coverage? Learn More