SC Media and F5 are proud to present this month’s CISO Stories program, where CISOs share tales from the trenches and unpack leadership lessons learned along the way. Hosted by Jessica Hoffman.
SecurityWeek Podcasts
SecurityWeek podcast series. Hear from cybersecurity industry experts and visionaries. Easy listening, great insights.
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
It’s the show that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It’s time for Security and Compliance Weekly.

AI, EDR, and Hacking Things - PSW #896
2:04:54
First up is a technical segment on UEFI shells: determining if they contain dangerous functionality that allows attackers to bypass Secure Boot. Then in the security news: Your vulnerability scanner is your weakest link; Scams that almost got me; The state of EDR is not good; You don't need to do that on a phone or Raspberry PI; Hash cracking and explo…

Automating Compliance and Risk with Agentic AI as CISOs (R)Evolve - Trevor Horwitz - BSW #417
54:20
Still managing compliance in a spreadsheet? Don't have enough time or resources to verify your control or risk posture? And you wonder why you can't get the budget to move your compliance and risk programs forward. Maybe it's time for a different approach. Trevor Horwitz, Founder and CISO at TrustNet joins Business Security Weekly to discuss how th…

Bikers, Apple, Storm-657, Astaroth, EES, Salesforce, Aaran Leyland, and more... - SWN #520
32:37
Bikers, Apple, Storm-657, Astaroth, EES, Salesforce, Aaran Leyland, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-520

Inside the OWASP GenAI Security Project - Steve Wilson - ASW #352
1:07:32
Interest and participation in the OWASP GenAI Security Project has exploded over the last two years. Steve Wilson explains why it was important for the project to grow beyond just a Top Ten list and address more audiences than just developers. He also talks about how the growth of AI Agents influences the areas that appsec teams need to focus on. W…

Security Awareness Through Trust and Influence - Jennifer Selby Long - CSP #217
35:39
Jennifer Selby Long reframes security awareness as more than training—it’s about earning trust and influence with executives and security teams. She shares leadership lessons on how to build stronger alignment and support for security initiatives. Visit https://cisostoriespodcast.com for all the latest episodes! Show Notes: https://cisostoriespodca…

New book from Dr. Anand Singh, why CISOs buy, and the latest news - Anand Singh - ESW #428
1:43:44
Segment 1 - Interview with Dr. Anand Singh. We're always thrilled to have authors join us to discuss their new book releases, and this week, it is Dr. Anand Singh. He seriously hustled to get his new book, Data Security in the Age of AI, out as soon as possible so that it could help folks dealing with securing AI rollouts right now! We'll discuss wh…

Ballistic Hot Dogs, Clayrat, Twonet, Lockbit, Resumes, Discord, Aaran Leyland and... - SWN #519
31:50

IoT Hacks Galore - Kieran Human - PSW #895
2:09:14
This week we kick things off with a special interview: Kieran Human from Threat Locker talks about EDR bypasses and other special projects. In the security news: Hacking TVs; Flushable wipes are not the only problem; People just want to spy on their pets, except the devices can be hacked; Linux EDR is for the birds; What does my hat say we love exploit…

Forrester's Global Cybersecurity Market Forecast Before AI Fully Kicks In - Merritt Maxim - BSW #416
52:51
Global spending on cybersecurity products and services will see a strong 14.4% CAGR from 2024 through 2029 and will hit $302.5 billion in 2029, driven by continued concerns around cyberattacks across all verticals and geographies. But where is the spending occurring and how do you prepare? Merritt Maxim, VP & Research Director at Forrester, joins Bu…

Bad Crypto, Zombie CPUs, Y2K38, Park Mobile, Redis, Red Hat, Deloitte, Aaran Leyland.. - SWN #518
28:47

Finding Large Bounties with Large Language Models - Nico Waisman - ASW #351
53:52

AI & IAM: Where Security Gets Superhuman (Or Supremely Stuck) - Dor Fledel, Alexander Makarov, Aaron Parecki, Heather Ceylan, Matt Immler, Nitin Raina - ESW #427
1:34:04
At Oktane 2025, leaders from across the security ecosystem shared how identity has become the new front line in protecting today’s AI-driven enterprises. As SaaS adoption accelerates and AI agents proliferate, organizations face an explosion of human and non-human identities—and with it, growing risks like misconfigured access, orphaned accounts, a…

Ratboi, Clop, Oracle, svgs, Impact Solutions, The Pentagon, Open AI, Josh Marpet... - SWN #517
30:34
Ratboi, Clop, Oracle, svgs, Impact Solutions, The Pentagon, Open AI, Josh Marpet, and More on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-517

AI: The new trigger word. Or is it Robots? - PSW #894
2:04:32
In addition to some fun news, we get Mary Ann Davidson as a surprise guest. We even get a great quote from her: "You're never going to have enough cybersecurity people to defend what was never built to be defensible." Show Notes: https://securityweekly.com/psw-894

Future Forward: CIO 2025 Outlook - Cybersecurity, AI, and Economic Uncertainty? - Amanda Jack - BSW #415
55:15
More than four out of ten (41%) Chief Information Officers (CIOs) report cybersecurity as their top concern, yet these same leaders are simultaneously increasing security budgets (77%), expanding cloud infrastructure (68%), and accelerating artificial intelligence (AI) capabilities (67%). According to the new Future Forward: CIO 2025 Outlook report…

Attica, Crustacean Porn, Broadcom, William of Ockham, Jaguar, SVG, Aaran Leyland... - SWN #516
31:22
Attica, Crustacean Porn, Broadcom, William of Ockham, Jaguar, SVG, Aaran Leyland, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-516

Changing the Vuln Conversation from Volume to Remediation - Francesco Cipollone - ASW #350
1:14:32
Dealing with vulns tends to be a discussion about prioritization. After all, there are tons of CVEs and dependencies with known vulns. It's important to figure out how to present developers with useful vuln info that doesn't overwhelm them. Francesco Cipollone shares how to redirect that discussion to focus on remediation and how to incorporate LLMs …

Live interviews from Oktane 2025: threats, AI in apps, and AI in cybersecurity tools - Brett Winterford, Shiv Ramji, Damon McDougald - ESW #426
1:35:13
How identity security can keep pace with the evolving threat landscape, with Brett Winterford. Today’s threat landscape has never been more complex. Malicious actors are leveraging tools like generative AI to develop more creative social engineering attacks that can have serious ramifications for businesses. Brett Winterford, VP of Okta Threat Intel…

Riker's Curse, River City, EDR-Freeze, MCP, WordPress, GitHub, Josh Marpet, and More. - SWN #515
30:49
Riker's Curse, River City, EDR-Freeze, MCP, WordPress, GitHub, Josh Marpet, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-515

Broadcom, LastPass, SEO Poisoning, QR codes, H1B visas, Distributed Computing... - PSW #893
1:03:06
Broadcom, LastPass, Brickstone, SEO Poisoning, QR codes, H1B visas, Distributed Computing, and More... Show Notes: https://securityweekly.com/psw-893

Rearchitecting Systems for Privacy as AI Agents Force You to Rethink Security - Guillaume Jaulerry - BSW #414
1:02:20
As AI and cloud-based services power our connected world, individuals are facing an unprecedented privacy crisis. With more than 2.3 billion people entrusting their data to the cloud and centralized servers, cyberattacks, data breaches, surveillance, identity theft, and privacy threats are now everyday risks. How do we protect against these threats…

Uhura, Collins, Nimbus Manticore, Sonic Wall, Async Rat, Solar Winds, Aaran Leyland.. - SWN #514
29:42
Uhura, Collins, Nimbus Manticore, Sonic Wall, Async Rat, Solar Winds, ShadowV2, H1B, Aaran Leyland, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-514

Design Errors in Entra ID, Design Defenses in iOS, Design Difficulties in DeepSeek - ASW #349
58:43
In the news, Microsoft encounters a new cascade of avoidable errors with Entra ID, Apple improves iOS with hardware-backed memory safety, DeepSeek demonstrates the difficulty in reviewing models, curl reduces risk by eliminating code, preserving the context of code reviews, and more! Show Notes: https://securityweekly.com/asw-349…

Disruption is Coming for the Vulnerability Management Market - Tod Beardsley - ESW #425
1:47:15
Interview with Tod Beardsley. This interview is sponsored by runZero. Legacy vulnerability management (VM) hasn't innovated alongside of attackers, and it shows. Let's talk about the state of VM. Check out https://securityweekly.com/runzero to learn more! Topic Segment: NPM Incidents. In this week’s topic segment, we’re discussing all the NPM supply …

CrowdStrike's AI Innovations in Cyber Defense - SWN #513
37:15
In this episode of Security Weekly News, Joshua Marpet and Aaran Leyland discuss the latest trends in AI and cybersecurity, focusing on innovations from CrowdStrike, the implications of new cyber incident reporting rules, and the evolving landscape of ransomware. They explore the role of AI in enhancing security measures, the challenges posed by ma…

Safes, Hackers, and Web Servers - PSW #892
2:12:25
This week's technical segment is all about the T-Lora Pager from Lilygo, a really cool Meshtastic device that can also be used for some hacking tasks! In the security news: Your safe is not safe; Cisco ASA devices are under attack; VMScape; HybridPetya and UEFI attacks in the wild; Everything is a Linux terminal; Hackers turns 30; Hosting websites on di…

Board Priority But Lack of Access & CISO Pressure, 360 Privacy and Pentera Interviews - Chuck Randolph, Tom Pore - BSW #413
1:10:10
In the leadership and communications segment, Lack of board access: The No. 1 factor for CISO dissatisfaction, Pressure on CISOs to stay silent about security incidents growing, The Secret to Building a High-Performing Team, and more! Jackie McGuire sits down with Chuck Randolph, SVP of Strategic Intelligence & Security at 360 Privacy, for a grippi…

AI Nuns, Steganography, You're fired, VoidProxy, C++, Carplay Apriso, Josh Marpet... - SWN #512
34:29
AI Nuns, Steganography, You're fired, VoidProxy, C++, Carplay Apriso, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-512

How OWASP's GenAI Security Project keeps up with the pace of AI/Agentic changes - Scott Clinton - ASW #348
1:08:00
This week, we chat with Scott Clinton, board member and co-chair of the OWASP GenAI Security Project. This project has become a massive organization within OWASP with hundreds of volunteers and thousands of contributors. This team has been cranking out new tools, reports and guidance for practitioners month after month for over a year now. We start…

Forrester's AEGIS Framework, the weekly news, and interviews with Fortra and Island - Jeff Pollard, Rohit Dhamankar, Michael Leland - ESW #424
1:40:37
Segment 1 - Interview with Jeff Pollard. Introducing Forrester’s AEGIS Framework: Agentic AI Enterprise Guardrails For Information Security. For this episode’s interview, we’re talking to Forrester analyst Jeff Pollard. I’m pulling this segment’s description directly from the report’s executive summary, which I think says it best: As AI agents and ag…

Diella, Texas, Movie Rip Offs, WAF, AdaptixC2, Nano11, and More... - SWN #511
33:44
Diella, Texas, Movie Rip Offs, WAF, AdaptixC2, Nano11, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-511
This week: Americans Can't Hack It; Copy and paste to get malware; Pixel 5 web servers - because you can; How they got in and why security is hard; Vulnerability management is failing - is it dead yet?; Exploiting hacker tools; Bluetooth spending spree!; How to defend your car; IoT security solutions and other such lies; Exploiting IBM i (formerly AS/400); V…

Forrester 2026 Budget Planning Guide and BlackHat 2025 Interviews - Jess Burn, Danny Jenkins, Matt Muller - BSW #412
1:11:11
With volatility now the norm, security and risk leaders need practical guidance on managing existing spending and new budgetary necessities. Where should they look? Jess Burn, Principal Analyst at Forrester Research, joins Business Security Weekly to discuss Forrester's Budget Planning Guide 2026: Security And Risk. This data-and-insights-driven re…

Hellhounds, Anthropic, iCloud, NPM, gitforked, notdoor, TOR, Signal, Josh Marpet - SWN #510
32:42
AI Hellhounds, Anthropic, iCloud, NPM, gitforked, notdoor, TOR, Signal, WhatsApp, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-510

Limitations and Liabilities of LLM Coding - Ted Shorter, Seemant Sehgal - ASW #347
1:17:09
Up first, the ASW news of the week. At Black Hat 2025, Doug White interviews Ted Shorter, CTO of Keyfactor, about the quantum revolution already knocking on cybersecurity’s door. They discuss the terrifying reality of quantum computing’s power to break RSA and ECC encryption—the very foundations of modern digital life. With 2030 set as the deadline…

OT on the Frontlines: Threat Intelligence You Can’t Ignore - Dawn Cappelli - CSP #216
33:18
Dawn Cappelli, Head of OT-CERT at Dragos, unpacks the evolving risks to Operational Technology. From nation-state attacks on Ukraine’s infrastructure to hacktivists targeting U.S. water systems, she explains the PIPEDREAM malware, the top five SANS critical OT controls, and how Dragos’ OT-CERT program offers free resources to help organizations defe…

Ransomware, Agentic AI, and Supply Chain Risks: Insights from Black Hat 2025 - Theresa Lanowitz, Yuval Wollman, Mickey Bresman, J.J. Guy, Jason Passwaters, HD Moore, Jawahar “Jawa” Sivasankaran - ESW ...
2:06:06
Doug White sits down with Theresa Lanowitz, Chief Evangelist at LevelBlue, for a powerful and timely conversation about one of cybersecurity’s most pressing threats: the software supply chain. Theresa shares fresh insights from LevelBlue’s global research involving 1,500 cybersecurity professionals across 16 countries. Together, they unpack the rea…

AI Trolley Problems, Rhode Island Drivers, and Kohlbergian Post Conventionalism - SWN #509
40:58
Josh Marpet and Doug White talk about AI Ethics, Issues, and Compliance. AI Trolley problems, Rhode Island Drivers, and Post Conventionalism. Show Notes: https://securityweekly.com/swn-509

Lasagna DoS, AI Slop, Hacker Ultimatums - PSW #890
2:04:36
In the security news: Automakers respond to Flipper Zero attacks; More on the unconfirmed Elastic EDR 0-Day; When Secure Boot does its job too well; Crazy authentication bypass; Hacker ultimatums; AI Slop; Impatient hackers; Linux ISOs are malware; Attackers love drivers; Hacking Amazon's Eero, the hard way; Exploits will continue until security improves; The S…

Security Money: The Index Dips and 20 Years of Cybersecurity Consolidation - Ross Haleliuk - BSW #411
1:04:12
The cybersecurity industry is undergoing a consolidation wave that is moving far faster than many realize. This isn’t at all about CISOs wanting fewer tools as much as some would like to think - the changes are happening at the macro level. Ross Haleliuk joins BSW to present the most comprehensive illustration ever made of how our industry has cons…

Rinoa Poison, Scambaiter Extraordinaire - Rinoa Poison - SWN #508
33:29
I talk to Rinoa Poison about scambaiting, identity, and all sorts of things. Check it out. Show Notes: https://securityweekly.com/swn-508

AI, APIs, and the Next Cyber Battleground: Black Hat 2025 - Michael Callahan, Idan Plotnik, Josh Lemos, Chris Boehm - ASW #346
1:08:11
In this must-see BlackHat 2025 interview, Doug White sits down with Michael Callahan, CMO at Salt Security, for a high-stakes conversation about Agentic AI, Model Context Protocol (MCP) servers, and the massive API security risks reshaping the cyber landscape. Broadcast live from the CyberRisk TV studio at Mandalay Bay, Las Vegas, the discussion pu…

Dave Lewis talks M&A due diligence, TBD topic, the weekly news - Dave Lewis - ESW #422
1:46:21
Interview with Dave Lewis on Security's Role in M&A Due Diligence. In this episode, Dave Lewis from 1Password discusses the critical importance of security in mergers and acquisitions, from due diligence through integration. He explores common pitfalls, essential security assessments, and practical strategies for security leaders to protect organiza…

Astro Oblivion, FreePBX, GitHub, OWASP, Promptlock, Claude Aaran Leyland - SWN #507
35:51
Porn bombing the celestial zoom room and Astro Oblivion, FreePBX, GitHub, OWASP, Promptlock, Claude Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-507

Hackers Steal Your Car and Vulnerabilities - Rob Allen - PSW #889
2:10:12
Rob Allen joins us to discuss the importance of security research teams, and some cool stuff they've worked on. Then, in the Security News: Flipper Zero, unlocking cars: The saga continues; The one where they stole the vulnerabilities; ESP32 Bus Pirates; AI will weaponize everything, maybe; What are in-the-wild exploits?; Docker and security boundaries,…

vCISO Benefits as the CISO Becomes Strategic and the Board's Responsible for Security - Brian Haugli - BSW #410
59:29
Securing top-tier cybersecurity leadership is not just a necessity but a significant challenge, especially when working within budget constraints. Should you hire a full-time CISO or outsource to a vCISO provider? Brian Haugli, CEO at SideChannel, joins BSW to discuss how organizations can hire a Virtual CISO (vCISO) to benefit from their expertise…

Naughty RBG, Docker, RDP, SBOMS, Kullback-Leibler, Oneflip, Youtube, Josh Marpet... - SWN #506
33:43
Naughty RBG, Docker, RDP, SBOMS, Kullback-Leibler, Oneflip, Youtube, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-506

Translating Security Regulations into Secure Projects - Emily Fox, Roman Zhukov - ASW #345
1:13:31
The EU Cyber Resilience Act joins the long list of regulations intended to improve the security of software delivered to users. Emily Fox and Roman Zhukov share their experience educating regulators on open source software and educating open source projects on security. They talk about creating a baseline for security that addresses technical items…

Oktane Preview with Harish Peri, Invisible Prompt Attacks, and the weekly news! - Harish Peri - ESW #421
1:49:28
Interview with Harish Peri from Okta. Oktane Preview: building frameworks to secure our Agentic AI future. Like it or not, Agentic AI and protocols like MCP and A2A are getting pushed as the glue to take business process automation to the next level. Giving agents the power and access they need to accomplish these lofty goals is going to be challengi…

Humans extinct: 2040, Okta, Elastic, Bad Bots, Berserk Bear, Siemens, Aaran Leyland.. - SWN #505
34:12
Humans wiped out by 2040, Okta, Elastic, Bad Bots, Berserk Bear, Siemens, Philip K. Dick, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-505