The cybersecurity podcast about application security and those who practice it. Hosted by tech industry veterans, each episode focuses on a specific area of cybersecurity, with the hosts and their guests sharing their practitioners’ experiences and opinions, sprinkled liberally with a solid dose of humor and anecdotes.
…
continue reading
Code Security Podcasts
Automation, Generative AI, Shift Left - the world of application security is evolving fast, and so are the conversations that shape it. Welcome to The Security Champions Podcast, the go-to resource for insights from the front lines of application security. The podcast is cohosted by Michael Burch, Director of Application Security for Security Journey, and Dustin Lehr, the Director of AppSec Advocacy. Each month, one of them shares a candid conversation with security leaders, engineering voic ...
…
continue reading
Der Chaos Computer Club ist die größte europäische Hackervereinigung, und seit über 25 Jahren Vermittler im Spannungsfeld technischer und sozialer Entwicklungen.
…
continue reading
We created Enginears as a place to share Engineering stories and to aid knowledge sharing and discovery into how companies build their products. Hosted on Ausha. See ausha.co/privacy-policy for more information.
…
continue reading
In the security industry, it's easy to get overwhelmed by the constant barrage of information and buzzy trends. On Security Noise, we help you sort through the noise and identify the information that truly matters. Listen to hear from practitioners in the field who are using the latest tools and methodologies to stay ahead. Whether you're a seasoned security pro or an industry newcomer, our podcast has something for anyone in the business of making the world secure. Presented by TrustedSec, ...
…
continue reading
Software engineering at Big Tech and startups, from the inside. Deepdives with experienced engineers and tech professionals who share their hard-earned lessons, interesting stories and advice they have on building software. Especially relevant for software engineers and engineering leaders: useful for those working in tech. newsletter.pragmaticengineer.com
…
continue reading
Welcome back to the show! Hacker Valley Studio podcast features Host Ron Eddings, as he explores the world of cybersecurity through the eyes of professionals in the industry. We cover everything from inspirational real-life stories in tech, to highlighting influential cybersecurity companies, and we do so in a fun and enthusiastic way. We’re making cybersecurity accessible, creating a whole new form of entertainment: cybertainment.
…
continue reading
Error Code is a biweekly narrative podcast that provides you both context and conversation with some of the best minds working today toward code resilience and dependability. Work that can lead to autonomous vehicles and smart cities. It’s your window in the research solving tomorrow’s code problems today.
…
continue reading
A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.
…
continue reading
We dissect the tech news train wrecks of the week, calling out what went wrong and who’s to blame. Think of this podcast as if Kurt Cobain threw down with Tom from MySpace, Elon Musk, and Mark Zuckerberg in a back alley brawl. No mercy, no filter—if tech had a walk of shame, this would be it.
…
continue reading
About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.
…
continue reading
For the latest in computer security news, hacking, and research! We sit around, drink beer, and talk security. Our show will feature technical segments that show you how to use the latest tools and techniques. Special guests appear on the show to enlighten us and change your perspective on information security. Note: This is only Paul's Security Weekly, a 2-hour show recorded once per week.
…
continue reading
Main AI by CodeRabbit is a podcast that brings you deep conversations with legendary developers who've shaped the tools we use every day. We explore how artificial intelligence is transforming software development while celebrating the creators and tools that built our foundation. Each episode features intimate discussions about building developer tools, maintaining open source projects, and navigating the evolution of technology.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Revenera experts are joined by industry leaders for discussions on all the latest talking points in the world of software.
…
continue reading
Updates on the latest cybersecurity threats to businesses, data breach disclosures, and how you can secure your firm in an increasingly risky time.
…
continue reading
Join host Chris Lindsey as he digs into the world of Application Security with experts from leading enterprises. Each episode is theme based, so it's more conversational and topic based instead of the general interview style. Our focus is growing your knowledge, providing useful tips and advice. With Chris' development background of 35 years, 15+ years of secure coding and 3+ years running an application security program for large enterprise, the conversations will be deep and provide a lot ...
…
continue reading
A show about the perils & pitfalls of creative intellectual automation; and why the future of good Internet vibes is for the humans, by the humans.
…
continue reading
Security Ledger is an independent security news website that explores the intersection of cyber security with business, commerce, politics and everyday life. Security Ledger provides well-reported and context-rich news and opinion about computer security topics that matter in our IP-enabled homes, workplaces and daily lives.
…
continue reading
For more than a dozen years, the Stack Overflow Podcast has been exploring what it means to be a developer and how the art and practice of software programming is changing our world. From Rails to React, from Java to Node.js, we host important conversations and fascinating guests that will help you understand how technology is made and where it’s headed. Hosted by Ben Popper, Cassidy Williams, and Ceora Ford, the Stack Overflow Podcast is your home for all things code.
…
continue reading
discussions on topics connected with software development; privacy, security, management, tools, techniques, skills, training, business, soft skills, health
…
continue reading
About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.
…
continue reading
If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer. Hacked & Secured: Pentest Exploits & Mitigations breaks down real-world pentest findings, exposing how vulnerabilities were discovered, exploited, and mitigated. Each episode dives into practical security lessons, covering attack chains and creative exploitation techniques used by ethical hackers. Whether you're a pentester, security engineer, develop ...
…
continue reading
Redefining CyberSecurity Podcast Hosted by Sean Martin, CISSP Have you ever thought that we are selling cybersecurity insincerely, buying it indiscriminately, and deploying it ineffectively? For cybersecurity to be genuinely effective, we must make it consumable and usable. We must also bring transparency and honesty to the conversations surrounding the methods, services, and technologies upon which businesses rely. If we are going to protect what matters and bring value to our companies, ou ...
…
continue reading
Where security veterans unpack the latest IT security news, vulnerabilities, and research through a historical and technical lens that can cut through even the thickest cigar smoke. Hosted by Paul Asadoorian and Larry Pesce. Co-hosts: Josh Marpet, Jeff Man, Mandy Logan, Tyler Robinson.
…
continue reading
Welcome to For a Cloudy Day, the podcast where we talk about the cloud technology industry with insights from experts. Hosted by Co-native, the home of cloud specialists.
…
continue reading
Secured is the podcast for software security enthusiasts. Host Cole Cornford sits down with Australia's top software security experts to uncover their unconventional career paths and the challenges they faced along the way. Listen in as they share their insights on the diverse approaches to AppSec, company by company, and how each organisation's security needs are distinct and require personalised solutions. Gain insider access to the masterminds behind some of Australia's most successful So ...
…
continue reading
DevOps was always meant to include security, but in reality, the cultures didn’t align—leaving many organizations without a mature DevSecOps strategy. So how do you complete the DevSecOps journey? Join Techstrong and Checkmarx for DevSecOps: Cracking the Code, a new webinar series packed with expert insights and actionable advice to help you successfully evolve from DevOps to DevSecOps.
…
continue reading
What is DevOps? We will attempt to answer this and many more questions.
…
continue reading
Larry and Kerry talk about parenting issues during Covid-19 isolation period
…
continue reading
You are not years away from accomplishing your career goals, you are skills away. Learn the Tradecraft to Take Your Cybersecurity Skills to the Executive Level. © Copyright 2025, National Security Corporation. All Rights Reserved
…
continue reading
Discussions with regulators, top lawyers and entrepreneurs about the legal framework for blockchain technology. We look at international regulations, trends, and jurisprudence impacting crypto and its related parts.
…
continue reading
The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporat ...
…
continue reading
Android Faithful is your weekly source for Android news, hardware, apps and more. Join Huyen Tue Dao and Ron Richards, along with a host of Android friends and experts as they keep you up to date every week on everything important to the world of Android From phones and foldables, to tablets and TVs and more. We are the Android Faithful. We want to hear from you! Respond to our listener survey: http://bit.ly/androidfaithful-survey Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
Cybersecurity is complex. Its user experience doesn’t have to be. Heidi Trost interviews information security experts about how we can make it easier for people—and their organizations—to stay secure.
…
continue reading
This podcast will give you help you with passing your CompTIA exams. We also sprinkle different technology topics.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Welcome to the Code. Deploy. Go Live. podcast! By Microsoft MVPs Andrew Connell and Julie Turner, our mission is to deliver prescriptive guidance on Microsoft 365 and Azure for Full-Stack Developers. Get the latest news, discussions, and interviews on topics ranging from Microsoft 365, Microsoft Azure, and related topics. For developers, by developers!
…
continue reading
Sync Up is your one-stop shop for all things OneDrive. Join hosts, Stephen Rice and Arvind Mishra, as they shed light on how OneDrive connects you to all of your files in Microsoft and enables you to share and work together from anywhere, and any device! Hear from experts behind the design and development of OneDrive, as well as customers and Microsoft MVPs! Each episode will give you news and announcements, tips and best practices for your OneDrive experience, and some fun and humor!
…
continue reading
Talk Python to Me is a weekly podcast hosted by developer and entrepreneur Michael Kennedy. We dive deep into the popular packages and software developers, data scientists, and incredible hobbyists doing amazing things with Python. If you're new to Python, you'll quickly learn the ins and outs of the community by hearing from the leaders. And if you've been Pythoning for years, you'll learn about your favorite packages and the hot new ones coming out of open source.
…
continue reading
Struggling to keep pace with the ever-changing world of technology? For experienced tech professionals, making sense of this complexity to find real strategic advantages is key. This series offers a clear path, featuring insightful, casual conversations with leading global experts, innovators, and key voices from Red Hat, all cutting through the hype. Drawing from Red Hat's deep expertise in open source and enterprise innovation, each discussion delves into new and emerging technologies-- fr ...
…
continue reading
Security Boulevard is the destination for the security community to stay up on the latest news, discussion and analysis. Home of the Security Bloggers Network, Security Boulevard has more security related content than anywhere else on the web.
…
continue reading
Felix explores Internet of Things (IoT) and Operational Technology cyber security. Perfect for project managers, developers, and those learning about penetration testing in this niche area. Email Felix using [email protected] Get more information at the website: yougottahackthat.com Find You Gotta Hack That on LinkedIn and X @gotta_hack
…
continue reading
The development world is cluttered with buzzwords and distractions. Speed, focus, and freedom? Gone. I’m Nicky Pike. And it’s time for a reset. [Dev]olution is here to help you get back to what matters: creating, solving, and making an impact. No trend chasing, just asking better questions. What do devs really want? How can platform teams drive flow, not friction? How does AI actually help? Join me every two weeks for straight talk with the people shaping the future of dev. This is the [Dev] ...
…
continue reading
PowerShell Community
…
continue reading
This is a weekly podcast on cyber security domains. We discuss, dissect and demystify the world of security by providing an in-depth coverage on the cybersecurity topics that matter most. All these in plain easy to understand language. Like it, share it, and most importantly enjoy it!
…
continue reading
1
020 | Ignite 2025: Agents, Copilot APIs & Security Copilot
59:45
59:45
Play later
Play later
Lists
Like
Liked
59:45
Join Andrew Connell and Julie Turner as they recap Microsoft Ignite 2025, diving deep into the latest announcements for developers. They discuss Agent 365's new governance capabilities, Copilot API updates, including retrieval and search features, and exciting declarative agent enhancements. The hosts also cover Security Copilot's inclusion with E5…
…
continue reading
1
#261 - Vibe Coding Security (with Neatsun Ziv)
45:37
45:37
Play later
Play later
Lists
Like
Liked
45:37
In this episode of CISO Tradecraft, host G Mark Hardy is joined by Neatsun Ziv from Ox Security to discuss the evolving landscape of vibe coding and its security implications. The conversation delves into the risks and opportunities surrounding vibe coding, how it can enhance productivity while maintaining security, and the importance of embedding …
…
continue reading
1
Vibe Coding For Success and Failure - PSW #902
1:06:52
1:06:52
Play later
Play later
Lists
Like
Liked
1:06:52
Tune in for some hands-on tips on how to use Claude code to create some amazing and not-so-amazing software. Paul will walk you through what worked and what didn't as he 100% vibe-coded a Python Flask application. The discussion continues with the crew discussing the future of vibe coding and how AI may better help in creating and securing software…
…
continue reading
1
EP 76: Why Security Certs for New Medical Devices Might Just Work
36:50
36:50
Play later
Play later
Lists
Like
Liked
36:50
Diversity in healthcare devices complicates segmentation, security controls, and zero-trust approaches. New certifications aim to help. Bob Lyle, CRO of Medcrypt, identifies how layered defenses, rigorous cybersecurity requirements for new devices, continuous monitoring, and dark-web credential surveillance can reduce risk.…
…
continue reading
1
Code security for software engineers
1:07:38
1:07:38
Play later
Play later
Lists
Like
Liked
1:07:38
Brought to You By: • Statsig — The unified platform for flags, analytics, experiments, and more. Statsig are helping make the first-ever Pragmatic Summit a reality. Join me and 400 other top engineers and leaders on 11 February, in San Francisco for a special one-day event. Reserve your spot here. • Linear — The system for modern product …
…
continue reading
1
The Trust Trap - Security von Coding Assistants (god2025)
43:05
43:05
Play later
Play later
Lists
Like
Liked
43:05
Coding Assistants wie Github Copilot, Cursor oder Claude versprechen einen Effizienzboost für die Softwareentwicklung. Doch welchen Einfluss hat die Nutzung dieser Tools auf die Software Security?Dieser Vortrag analysiert die Vor- und Nachteile von Coding Assistants in Hinblick auf die Sicherheit des entstehenden Codes. Er gibt einen Überblick über…
…
continue reading
1
20,000 Apps Under the Sea: Deep Dive into Vibe Coding Security
26:19
26:19
Play later
Play later
Lists
Like
Liked
26:19
Vibe coding is allowing even non-developers to produce fully functional web applications by using LLMs to generate code – but how secure are they? In this episode of AppSec Serialized, special guest Bogdan Calin joins hosts Dan Murphy and Ryan Bergquist to talk about his research, which involved vibe-coding over 20,000 applications and analyzing th…
…
continue reading
1
Figuring Out Where to Start with Secure Code - ASW #358
46:23
46:23
Play later
Play later
Lists
Like
Liked
46:23
What are your favorite resources for secure code? Co-hosts John Kinsella and Kalyani Pawar talk about the reality of bringing security into a business. We talk about the role of the OWASP Top 10 and the OWASP ASVS in crafting security programs. And balance that with a discussion in what's the best use of everyone's time -- developers and appsec fol…
…
continue reading
1
Interface is everything, and everything is an interface
24:28
24:28
Play later
Play later
Lists
Like
Liked
24:28
Ryan talks with Wesley Yu, head of engineering at Metalab, about the evolution of interfaces in technology, the pressure that UI generated on the fly would put on your backend systems, and why AI is just the latest and fanciest in a long line of CRUD apps. Episode notes: Metalab designs interfaces for top brands around the world, helping them desig…
…
continue reading
1
SANS Stormcast Friday, December 12th, 2025: Local AI Models; Mystery Chrome 0-Day; SOAPwn Attack
6:56
6:56
Play later
Play later
Lists
Like
Liked
6:56
Using AI Gemma 3 Locally with a Single CPU Installing AI models on modes hardware is possible and can be useful to experiment with these models on premise https://isc.sans.edu/diary/Using%20AI%20Gemma%203%20Locally%20with%20a%20Single%20CPU%20/32556 Mystery Google Chrome 0-Day Vulnerability Google released an update for Google Chrome fixing a vulne…
…
continue reading
1
Tech Segment: MITM Automation + Security News - Josh Bressers - PSW #904
2:07:47
2:07:47
Play later
Play later
Lists
Like
Liked
2:07:47
This week in our technical segment, you will learn how to build a MITM proxy device using Kali Linux, some custom scripts, and a Raspberry PI! In the security news: Hacking Smart BBQ Probes China uses us as a proxy LOLPROX and living off the Hypervisor Are we overreating to React4Shell? Prolific Spyware vendors EDR evaluations and tin foil hats Com…
…
continue reading
1
Tech Segment: MITM Automation + Security News - Josh Bressers - PSW #904
2:07:47
2:07:47
Play later
Play later
Lists
Like
Liked
2:07:47
This week in our technical segment, you will learn how to build a MITM proxy device using Kali Linux, some custom scripts, and a Raspberry PI! In the security news: Hacking Smart BBQ Probes China uses us as a proxy LOLPROX and living off the Hypervisor Are we overreating to React4Shell? Prolific Spyware vendors EDR evaluations and tin foil hats Com…
…
continue reading
1
Tech Segment: MITM Automation + Security News - Josh Bressers - PSW #904
2:07:47
2:07:47
Play later
Play later
Lists
Like
Liked
2:07:47
This week in our technical segment, you will learn how to build a MITM proxy device using Kali Linux, some custom scripts, and a Raspberry PI! In the security news: Hacking Smart BBQ Probes China uses us as a proxy LOLPROX and living off the Hypervisor Are we overreating to React4Shell? Prolific Spyware vendors EDR evaluations and tin foil hats Com…
…
continue reading
1
Defending Your Cyber Systems and Your Mental Attack Surface with Chris Hughes
34:10
34:10
Play later
Play later
Lists
Like
Liked
34:10
When your firewall forgets to buckle up, the crash doesn’t happen in the network first, it happens in your blindspots. In this episode, Ron is joined by returning guest Chris Hughes, Co-Founder of Aquia and host of the Resilient Cyber podcast. Chris helps reframe vulnerability work as exposure management, connect technical risk to human resilience,…
…
continue reading
1
Cloud Security Made Simple: Your CompTIA Security+ Study Guide
27:03
27:03
Play later
Play later
Lists
Like
Liked
27:03
[email protected] In this episode of Technology Tap: CompTIA Study Guide, we dive deep into cloud security fundamentals, perfect for those preparing for the CompTIA Security+ exam. Join our study group as we explore the shifting security landscape from locked server rooms to identity-based perimeters and data distributed across regions. This …
…
continue reading
1
Unlock the Power of Monetization Analytics: Drive Growth, Renewals, and Customer Success
32:49
32:49
Play later
Play later
Lists
Like
Liked
32:49
In this Revenera podcast, led by industry experts Victor DeMarines (VP of Product Management) and Anuradha Nagendran (Director, Engineering), where we’ll explore how actionable analytics are transforming software monetization strategies. What You’ll Learn: Why Monetization Analytics Matter: Discover how the shift to subscription and usage-based mod…
…
continue reading
1
SANS Stormcast Thursday, December 11th, 2025: Possible CVE-2024-9042 variant; react2shell exploits; notepad++ update hijacking; macOS priv escalation
6:58
6:58
Play later
Play later
Lists
Like
Liked
6:58
Possible exploit variant for CVE-2024-9042 (Kubernetes OS Command Injection) We observed HTTP requests with our honeypot that may be indicative of a new version of an exploit against an older vulnerability. Help us figure out what is going on. https://isc.sans.edu/diary/Possible%20exploit%20variant%20for%20CVE-2024-9042%20%28Kubernetes%20OS%20Comma…
…
continue reading
1
AI-native On-Call + Incident Management I Rootly Podcast
49:38
49:38
Play later
Play later
Lists
Like
Liked
49:38
If you're keen to share your story, please reach out to us! There's a lot of rage in the AI-SRE space right now and I was keen to get some of the big players on the show to get under the hood of what they're building and the areas of focus. Playing the same game but approaches from different angles. - Hacking and building with his co-founder pre "A…
…
continue reading
1
Dustin Lehr & Michael Burch - End of Year Recap 2025
1:06:04
1:06:04
Play later
Play later
Lists
Like
Liked
1:06:04
It’s been a momentous year for security champions, developer empowerment, and cultivating security culture. In this special year-in-review episode, hosts Dustin Lehr and Michael Burch look back on the standout conversations and greatest moments from The Security Champions Podcast throughout 2025. Whether you're building a champion program, supporti…
…
continue reading
1
DOP 328: The Real Cost of Build Versus Buy Decisions
36:39
36:39
Play later
Play later
Lists
Like
Liked
36:39
#328: The build versus buy decision isn't as binary as most companies think. Every technology choice involves elements of both - you might use Linux (buy) but still configure and customize it extensively (build). The real question isn't whether to build or buy, but finding the right balance between the two approaches based on your company's resourc…
…
continue reading
1
Salesforce Security Risks, Boards Duty of Care, and Managing CISO Risks - Justin Hazard - BSW #425
52:57
52:57
Play later
Play later
Lists
Like
Liked
52:57
Organizations rely heavily on Salesforce to manage vasts amounts of sensitive data, but hidden security risks lurk beneath the surface. Misconfigurations, excessive user permissions, and unmonitored third party integrations can expose this data to attackers. How do I secure this data? Justin Hazard, Principal Security Architect at AutoRABIT, joins …
…
continue reading
Cybersecurity Today: Google Chrome's AI Safety Plan, React2Shell Fixes, & New Ransomware Tactics In this episode of Cybersecurity Today, host Jim Love discusses Google's new security blueprint for AI-powered Chrome agents, highlighting measures against indirect prompt injections and model errors. Learn about Next JS's new tool for addressing the cr…
…
continue reading
It's an exciting week at Android Faithful as Jason Howell and Florence Ion share their Android XR experience with Ron Richards and we kickoff the first ever Android Faithful awards...the 2025 Annual Podcast Kudos or the APKs!!! You can vote for your favorite phones and news stories at https://bit.ly/2025apks - Voting closes on 12/22 at Midnight ET!…
…
continue reading
1
SANS Stormcast Wednesday, December 10th, 2025: Microsoft, Adobe, Ivanti, Fortinet, and Ruby patches.
8:04
8:04
Play later
Play later
Lists
Like
Liked
8:04
Microsoft Patch Tuesday Microsoft released its regular monthly patch on Tuesday, addressing 57 flaws. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20December%202025/32550 Adobe Patches Adobe patched five products. The remote code execution in ColdFusion, as well as the code execution issue in Acrobat, will very likely see exploits soon. h…
…
continue reading
1
Hypnotoad, AI Galore, Storm-0249, DocuSign, Broadside, Goldblade, Aaran Leyland... - SWN #536
34:50
34:50
Play later
Play later
Lists
Like
Liked
34:50
We've got: Hypnotoad, AI Galore, Storm-0249, DocuSign, Broadside, Goldblade, Ships at Sea, Sora, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-536
…
continue reading
1
Rethinking Public Health Workflows Through Automation and Governance: Why Data Modernization May Be The Key | A Conversation with Jim St. Clair | Redefining CyberSecurity with Sean Martin
44:06
44:06
Play later
Play later
Lists
Like
Liked
44:06
⬥EPISODE NOTES⬥ Artificial intelligence is reshaping how public health organizations manage data, interpret trends, and support decision-making. In this episode, Sean Martin talks with Jim St. Clair, Vice President of Public Health Systems at a major public health research institute, Altarum, about what AI adoption really looks like across federal,…
…
continue reading
1
EP 77: Building a Cyber Physical System Device Library
27:29
27:29
Play later
Play later
Lists
Like
Liked
27:29
Do you really know what’s on your network? A lot of OT devices are white labeled, meaning they have a brand name but under the hood they’re made by someone else. Sean Tufts, Field CTO for Claroty, explains how his team is using AI to sift through all the available data and build a cyber physical library that starts to add specificity to remediation…
…
continue reading
1
Printers, Decoded: Understanding Printer Technology for IT Professionals Chapter 10
32:13
32:13
Play later
Play later
Lists
Like
Liked
32:13
[email protected] Printers and multifunction devices are more than just simple office tools—they're intricate systems combining optical, thermal, mechanical, and networked computing components. In this episode, we decode printer technology and its critical role in business operations, highlighting how these devices impact IT skills developmen…
…
continue reading
1
#164 - Greg Xethalis on market structure legislation, history of crypto ETFs
38:49
38:49
Play later
Play later
Lists
Like
Liked
38:49
Greg Xethalis, General Counsel at Multicoin Capital joins the podcast to discuss the history of ETFs, what we can learn from the first Bitcoin ETF, and the interplay between the CLARITY Act and RFIA. This episode also covers the challenges of disclosure in decentralized systems, and why principles-based regulation is essential for the next phase of…
…
continue reading
1
Making OAuth Scale Securely for MCPs - Aaron Parecki - ASW #360
1:07:43
1:07:43
Play later
Play later
Lists
Like
Liked
1:07:43
The MCP standard gave rise to dreams of interconnected agents and nightmares of what those interconnected agents would do with unfettered access to APIs, data, and local systems. Aaron Parecki explains how OAuth's new Client ID Metadata Documents spec provides more security for MCPs and the reasons why the behavior and design of MCPs required a new…
…
continue reading
1
Making OAuth Scale Securely for MCPs - Aaron Parecki - ASW #360
1:07:43
1:07:43
Play later
Play later
Lists
Like
Liked
1:07:43
The MCP standard gave rise to dreams of interconnected agents and nightmares of what those interconnected agents would do with unfettered access to APIs, data, and local systems. Aaron Parecki explains how OAuth's new Client ID Metadata Documents spec provides more security for MCPs and the reasons why the behavior and design of MCPs required a new…
…
continue reading
1
Making OAuth Scale Securely for MCPs - Aaron Parecki - ASW #360
1:07:43
1:07:43
Play later
Play later
Lists
Like
Liked
1:07:43
The MCP standard gave rise to dreams of interconnected agents and nightmares of what those interconnected agents would do with unfettered access to APIs, data, and local systems. Aaron Parecki explains how OAuth's new Client ID Metadata Documents spec provides more security for MCPs and the reasons why the behavior and design of MCPs required a new…
…
continue reading
Ryan is joined by Kayvon Beykpour, CEO and founder of Microscope, to dive into AI-powered code review’s potential for managing large codebases, the need for humans-in-the-loop for reviewing PRs so AI tools can efficiently and effectively debug, and how AI can increase visibility through summarization at the abstract syntax tree level and high signa…
…
continue reading
1
SANS Stormcast Tuesday, December 9th, 2025: nanoKVM Vulnerabilities; Ghostframe Phishing; WatchGuard Advisory
6:26
6:26
Play later
Play later
Lists
Like
Liked
6:26
nanoKVM Vulnerabilities The nanoKVM device updates firmware insecurely; however, the microphone that the authors of the advisory referred to as undocumented may actually be documented in the underlying hardware description. https://www.tomshardware.com/tech-industry/cyber-security/researcher-finds-undocumented-microphone-and-major-security-flaws-in…
…
continue reading
https://mcdn.podbean.com/mf/web/wxjkax4ukr4a8zks/The_PowerShell_Podcast_episode_204_Al754vf.mp3 In this episode of The PowerShell Podcast, host Andrew Pla welcomes Dr. Al Carlson, a cryptographer, mathematician, and engineer whose career spans more than four decades in military intelligence, embedded systems, and advanced encryption research. Dr. C…
…
continue reading
1
#262 - AI Mastery for CISOs: What You Must Know
46:08
46:08
Play later
Play later
Lists
Like
Liked
46:08
Dive into the rapidly evolving world of AI with G Mark Hardy and Ross Young in this episode of CISO Tradecraft. Explore how AI is transforming business processes, the critical need for cybersecurity leadership in AI deployments, and the importance of setting clear goals, monitoring performance, and ensuring data quality. Learn about the different t…
…
continue reading
1
Fix your dumb misconfigurations, AI isn't people, and the weekly news - Wendy Nather, Danny Jenkins - ESW #436
1:34:58
1:34:58
Play later
Play later
Lists
Like
Liked
1:34:58
Interview with Danny Jenkins: How badly configured are your endpoints? Misconfigurations are one of the most overlooked areas in terms of security program quick wins. Everyone freaks out about vulnerabilities, patching, and exploits. Meanwhile, security tools are misconfigured. Thousands of unused software packages increase remediation effort and a…
…
continue reading
1
DevelopmentTools May Allow Remote Compromise
13:08
13:08
Play later
Play later
Lists
Like
Liked
13:08
Explosive React Vulnerability and AI Tool Flaws Uncovered: Major Implications for Cybersecurity In this episode of Cybersecurity Today, host David Shipley discusses a new significant React vulnerability, React2Shell, that has caused widespread confusion and debate in the security community. This major flaw, affecting a widely used web framework, po…
…
continue reading
1
SANS Stormcast Monday, December 8th, 2025: AutoIT3 FileInstall; React2Shell Update; Tika Vuln
5:34
5:34
Play later
Play later
Lists
Like
Liked
5:34
AutoIT3 Compiled Scripts Dropping Shellcodes Malicious AutoIT3 scripts are usign the FileInstall function to include additional scripts at compile time that are dropped as temporary files during execution. https://isc.sans.edu/diary/AutoIT3%20Compiled%20Scripts%20Dropping%20Shellcodes/32542 React2Shell Update The race is on to patch vulnerable syst…
…
continue reading
1
Technology Education: History of Modern Technology - AOL and Early Internet Era
25:40
25:40
Play later
Play later
Lists
Like
Liked
25:40
[email protected] Join Professor JRod in this technology education episode exploring the history of modern technology and early internet innovations. Remember the thrill of logging on, the greeting of “You’ve got mail,” and the sense that a whole new world lived behind a phone line? We go back to the moment when America Online turned the inte…
…
continue reading
1
APTs pounce on React2Shell; BRICKSTORM backdoors; .gov surveillance
1:41:44
1:41:44
Play later
Play later
Lists
Like
Liked
1:41:44
(Presented by ThreatLocker: Allow what you need. Block everything else by default, including ransomware and rogue code.) Three Buddy Problem - Episode 75: We dig into a CVSS 10/10 unauthenticated RCE bug causing chaos across the internet and early signs that Chinese APTs are already launching exploits, the cascading patch chaos, and a long tail of …
…
continue reading
1
Cybersecurity Today Month In Review - December 5th, 2025
54:06
54:06
Play later
Play later
Lists
Like
Liked
54:06
Cybersecurity Today: The Rise of Living Off the Land Strategies & More In this episode of Cybersecurity Today's Month in Review, host Jim Love is joined by Laura Payne from White Tuque and David Shipley from Beauceron Security. They discuss several pressing cybersecurity issues, including the growing threat of 'living off the land' strategies where…
…
continue reading
FOLLOW UP starts with the realization that Spotify Wrapped thinks we are 82 years old, which honestly feels accurate, followed by a massive shout out to Bama Bryan on Bluesky for listening to us for over 3,000 minutes. We look at the grim stats from the Department of Government Efficiency regarding USAID deaths, then move to IN THE NEWS where the K…
…
continue reading
1
Toilet Cams, N. Korea, Brickstorm, MCP, React2Shell, Proxmox, Metaverse, Josh Marpet - SWN #535
33:08
33:08
Play later
Play later
Lists
Like
Liked
33:08
Toilet Cams, North Korea, Brickstorm, MCP, India, React2Shell, Proxmox, Metaverse, Josh Marpet, and More, on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-535
…
continue reading
Who will win Hacker Family Feud? On this special, year-end episode of Security Noise, we are gathering the fam around the digital fireplace for a hacker-themed game night! Geoff and Skyler are having TrustedSec's Jason Lang, Scott White, Rob Simon, Paul Koblitz, Martin Bos, and Chris Boesch duke it out to see which team can guess the most popular a…
…
continue reading
1
Shady Panda Hides For Years In Legitimate Browser Extensions: Cybersecurity Today
12:13
12:13
Play later
Play later
Lists
Like
Liked
12:13
In this episode of 'Cybersecurity Today,' host Jim Love discusses several significant cybersecurity issues. Highlights include a maximum severity vulnerability in React Server Components dubbed React2Shell (CVE-2025-55182), a recently patched Windows shortcut flaw by Microsoft, and new attacks using the Evilginx phishing platform in schools. Additi…
…
continue reading
