Best Dave And Dev Podcast Podcasts (2025)

1
Checking in on the State of Appsec in 2025 - Janet Worthington, Sandy Carielli - ASW #338 1:07:15

Play Pause

6h ago1:07:15

1:07:15

Appsec still deals with ancient vulns like SQL injection and XSS. And now LLMs are generating code along side humans. Sandy Carielli and Janet Worthington join us once again to discuss what all this new code means for appsec practices. On a positive note, the prevalence of those ancient vulns seems to be diminishing, but the rising use of LLMs is e…

1
Episode 468: Should I take a mini-retirement and doubling down on anachronisms 31:12

1d ago31:12

31:12

In this episode, Dave and Jamison answer these questions: Hi Dave and Jamison, Long-time listener, first-time question asker. Thank you both for the wisdom, perspective, and jokes you bring to the podcast. I recently received an inheritance of around $500,000. It’s not “quit your job and buy a yacht” money, but it is enough to reshape my life. I’m …

1
Identity, AI & Access: Highlights from Identiverse 2025 - Sagi Rodin, Ajay Amlani, Treb Ryan, Ajay Gupta, Artyom Poghosyan, Amir Ofek - ESW #414 1:49:38

1d ago1:49:38

1:49:38

Single Sign On (SSO) and Multi Factor Authentication (MFA) is critical to secure operations for companies of all sizes. Why is the foundation of cybersecurity still locked behind enterprise licensing? Single Sign-On (SSO) and Multi-Factor Authentication (MFA) are essential—not optional—for protecting modern businesses. But today, these critical too…

1
672: Design Tokens, Web Compents, and Web Monetization 51:30

1d ago51:30

51:30

Show Description We're all addicted to Clues by Sam and wonder about the data structure for the site, good thoughts on the design tokens community, shadow DOM, the state of web components in mid-2025, dealing with JSON, and new ideas around web monetization. Listen on Website → Links Clues By Sam web-platform-tests dashboard P&B: Dave Rupert – Manu…

1
North Korea, ransomware, social engineering, AI, Apple, Drugs & Iran - SWN #491 28:50

4d ago28:50

28:50

North Korea, ransomware, social engineering, AI, Apple, Drugs & Iran on this edition of the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-491

1
Exploring Meshtastic and LoRa Mesh Networks - Rob Allen - PSW #881 1:08:14

5d ago1:08:14

1:08:14

This week, we dive into the world of Meshtastic and LoRa—two technologies empowering secure, long-range, and infrastructure-free communication. We'll talk about the origins of Meshtastic, how LoRa radio works, and why mesh networking is revolutionizing off-grid messaging for adventurers, hackers, emergency responders, and privacy advocates alike. W…

1
The Value of Zero Trust - Rob Allen - BSW #402 32:29

6d ago32:29

32:29

New research estimates the value of Zero Trust. Using the Marsh McLennan Cyber Risk Intelligence Center’s proprietary cyber losses dataset from the past eight years, researchers estimated that overall cyber losses could have been potentially reduced by up to 31% had the organizations widely deployed zero-trust security. This adds up to a projected …

1
Sony, Scattered Spider, Hikvision, Cybercrime, Iran, BSODs, Cloudflare, Josh Marpet.. - SWN #490 31:11

7d ago31:11

31:11

Sony, Scattered Spider, Hikvision, Cybercrime, Iran, BSODs, Cloudflare, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-490

1
Simple Patterns for Complex Secure Code Reviews - Louis Nyffenegger - ASW #337 38:26

7d ago38:26

38:26

Manual secure code reviews can be tedious and time intensive if you're just going through checklists. There's plenty of room for linters and compilers and all the grep-like tools to find flaws. Louis Nyffenegger describes the steps of a successful code review process. It's a process that starts with understanding code, which can even benefit from a…

1
Episode 467: I can't get promoted if I do my job and should I get a degree to get a job in this economy 40:52

8d ago40:52

40:52

In this episode, Dave and Jamison answer these questions: I am a data scientist and was recently passed over for promotion to senior because my projects weren’t “senior level” enough, and I do too many ad hoc requests that delay delivery of my bigger projects. I am a go to for VP and C suite level execs in my company and am commonly asked to help w…

1
The Illusion of Control: Shadow IT, SSO Shortcomings, and the True Path to Security - Dave Lewis - ESW #413 1:52:05

8d ago1:52:05

1:52:05

Interview with Dave Lewis Organizations believe they have a firm grip on security with SSO and corporate IT policies, but in reality, shadow IT lurks in the background—expanding attack surfaces and exposing sensitive data. Employees bypass security controls for the sake of convenience, while SSO fails to provide the comprehensive security net organ…

1
671: Naming Consistency, HTML Includes, and Mixins 1:05:28

8d ago1:05:28

1:05:28

Show Description Chris reflects on CSS Day in Amsterdam, allowing languages to grow with nonstandard elements, naming things continues to be hard, shapes are going to get weird on the web, HTML includes get stirred up, thoughts on CSS mixins, and Dave's blogging about resizing text fun. Listen on Website → Links Understanding CSS corner-shape and t…

1
Broadcom, Direct Send, N0auth, UNFI, Cisco, Oneclik, Russ Beauchemin, and more... - SWN #489 31:28

11d ago31:28

31:28

Broadcom is coming for you, Direct Send, N0auth, UNFI, Cisco, Oneclik, Russ Beauchemin, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-489

1
Is Vuln Management Dead? - HD Moore - PSW #880 2:16:08

12d ago2:16:08

2:16:08

This conversation explores the intersection of cybersecurity and emerging technologies, focusing on innovative hacking techniques, the evolution of vulnerability management, and the critical importance of asset discovery. The discussion also delves into the implications of cyber warfare, the persistent threat of default passwords, and the integrati…

1
Thriving Through Volatility: Insights for CISOs - Jeff Pollard, Pejman (Pej) Roshan, Deepen Desai - BSW #401 1:05:24

13d ago1:05:24

1:05:24

In this episode, Mandy Logan, Summer Craze Fowler, Jason Albuquerque, and Jeff Pollard of Forrester discuss the challenges and strategies for CISOs in navigating volatility in the security landscape. They emphasize the importance of building relationships within the organization, particularly with the CFO, to manage budgets effectively. The convers…

1
The Rise of Malware: Salt Typhoon and Spark Kitty - SWN #488 35:37

14d ago35:37

35:37

In this episode of Security Weekly News, Doug White discusses various cybersecurity threats, including the Salt Typhoon and Spark Kitty malware, the implications of Microsoft's decision to drop support for old hardware drivers, and the potential increase in cyber threats from Iran. The conversation also covers the alarming 16 billion password leak …

1
How Fuzzing Barcodes Raises the Bar for Secure Code - Artur Cygan - ASW #336 1:01:18

14d ago1:01:18

1:01:18

Fuzzing has been one of the most successful ways to improve software quality. And it demonstrates how improving software quality improves security. Artur Cygan shares his experience in building and applying fuzzers to barcode scanners, smart contracts, and just about any code you can imagine. We go through the useful relationship between unit tests…

1
Episode 466: Bad performance review and moving in to the caves 29:56

15d ago29:56

29:56

In this episode, Dave and Jamison answer these questions: I had my performance review two months ago where I scored a “Does not meet expectations”, which I definitely understand, and my manager told me that some of my coworkers had been complaining about me. I’ve been working hard on improving ever since and my manager told me that they were really…

1
Rethinking Identity: IAM, PAM & Passwordless Trends from Identiverse - David Lee, Amit Masand, Chip Hughes, Ashley Stevenson, John Pritchard, Matt Caulfield - ESW #412 1:38:23

15d ago1:38:23

1:38:23

In fast-paced, shared device environments like healthcare, manufacturing, and other critical industries, traditional access management approaches are falling short, quietly eroding both security and productivity. This episode explores how outdated methods, like shared credentials and clunky logins, create friction, increase risk, and undermine comp…

1
670: Brad and Ian Frost on Their New Design Tokens Course 1:08:26

15d ago1:08:26

1:08:26

Show Description Brad and Ian stop by to chat about their new course, The Complete Guide to Design Tokens, what happens if you don't use design tokens on projects, what the ideal outcome is for building and designing with design tokens, how many colors is enough, what about refactoring, and does Figma or code win the argument? (Brad and Ian did giv…

1
Donut Holes, clickfix, rapperbots, bad devs, war, Doug Rants about Backups, and More. - SWN #487 33:37

18d ago33:37

33:37

Donut Holes, clickfix, rapperbots, bad devs, war, Doug Rants about Backups, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-487

1
Hacking Drivers - PSW #879 2:03:17

19d ago2:03:17

2:03:17

This week: * The true details around Salt Typhoon are still unknown * The search for a portable pen testing device * Directories named "hacker2" are suspicious * Can a $24 cable compete with a $180 cable? * Hacking Tesla wall chargers * Old Zyxel exploits are new again * Hacking Asus drivers * Stealing KIAs - but not like you may think * Fake artic…

1
CISO Cyber Insurance Empowerment - Morey Haber, Peter Hedberg, Stephan Jou - BSW #400 1:03:41

20d ago1:03:41

1:03:41

In this episode of Business Security Weekly, Mandy Logan, along with guests Peter Hedberg, Summer Craze Fowler, and Ben Carr, delve into the complexities of cyber insurance and the empowerment of Chief Information Security Officers (CISOs). The discussion covers the evolving landscape of cyber insurance, the critical role of underwriting, and the i…

1
AI Zombie Lawyer, Scattered Spider, ASUS, Mainframes, GrayAlpha, Backups, Josh Marpet - SWN #486 36:26

21d ago36:26

36:26

AI Zombie Lawyers, Scattered Spider, ASUS, Mainframes, GrayAlpha, Backups, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-486

1
Threat Modeling With Good Questions and Without Checklists - Farshad Abasi - ASW #335 1:08:00

21d ago1:08:00

1:08:00

What makes a threat modeling process effective? Do you need a long list of threat actors? Do you need a long list of terms? What about a short list like STRIDE? Has an effective process ever come out of a list? Farshad Abasi joins our discussion as we explain why the answer to most of those questions is No and describe the kinds of approaches that …

1
Episode 465: Talking to your report's previous manager and how to replace a 30-year-old ticketing system 29:44

22d ago29:44

29:44

In this episode, Dave and Jamison answer these questions: A listener named Mike says, To what degree do you think it’s appropriate to talk with your peer managers about people that have moved from their team to yours? How much weight do you give their criticisms of an IC that they used to manage that is working out just fine under your leadership? …

1
Insider threats, migrating away from cloud, RSAC interviews with Cyera and Blumira - Rob Allen, Matthew Warner, Yotam Segev - ESW #411 1:19:04

22d ago1:19:04

1:19:04

Segment 1 - Interview with Rob Allen from ThreatLocker This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! Segment 2 - Topic: Growing Trend - Edge Computing and Hybrid Cloud Segment 3 - Interviews from RSAC 2025 Cyera Cyera is the fastest-growing data security company in history, em…

1
669: Peter Pistorius on Developing RedwoodSDK 1:07:06

22d ago1:07:06

1:07:06

Show Description We're chatting with Peter Pistorius about the change they made from RedwoodJS to RedwoodSDK, how it's going to handle routing, some new marketing ideas for RedwoodSDK, how RedwoodSDK's principles are informed by where Peter's from, choosing to go all in on Cloudflare, how the community has responded, and plans for monetization. Lis…

1
$200,000 Zoom Call, Microsoft, Zero-Click, China & HD With $649 million of Bitcoin - SWN #485 28:38

25d ago28:38

28:38

This week we have, $200,000 Zoom Call, Microsoft Teams, INTERPOL, Zero-Click, Junk Food, China & Hard Drive With $649 million of Bitcoin. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-485

1
UEFI Vulnerabilities Galore - PSW #878 2:10:48

26d ago2:10:48

2:10:48

This week: You got a Bad box, again Cameras are expose to the Internet EU and connected devices Hydrophobia NVRAM variables Have you heard about IGEL Linux? SSH and more NVRAM AI skeptics are nuts, and AI doesn't make you more efficient Trump Cybersecurity orders I think I can root my Pixel 6 Decentralized Wordpres plugin manager Threat actor namin…

1
Security Money: The Index is Up, CISOs Need to Get Out, and Are You Burning Out? - BSW #399 56:27

27d ago56:27

56:27

This week, it’s time for security money. The index is up, but the previous quarterly results were brutal. In the leadership and communications segment, Get out of the audit committee: Why CISOs need dedicated board time, Quietly Burning Out? What To Do When Your Leadership Starts Lacking, How to rethink leadership to energize disengaged employees, …

1
Vixen Panda, NPM, Roundcube, IoT, 4Chan, Josh Marpet, and more... - SWN #484 32:23

28d ago32:23

32:23

Vixen Panda, NPM, Roundcube, IoT, 4Chan, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-484

1
Bringing CISA's Secure by Design Principles to OT Systems - Matthew Rogers - ASW #334 1:09:09

28d ago1:09:09

1:09:09

CISA has been championing Secure by Design principles. Many of the principles are universal, like adopting MFA and having opinionated defaults that reduce the need for hardening guides. Matthew Rogers talks about how the approach to Secure by Design has to be tailored for Operational Technology (OT) systems. These systems have strict requirements o…

1
Episode 464: Rehiring an overpaid boomerang and AI has taken over my teammate's brain 49:38

29d ago49:38

49:38

In this episode, Dave and Jamison answer these questions: Mr A. N. Onymous says, Hi Dave and Jamison, Long time listened, second time caller! I wrote a little while back with a common new-manager question about how to handle one of my reports who was at the lower end performance wise, but at the top end on the pay scale. I’d been trying to manage i…

1
The enterprise security news, more secure by removing credentials, & RSAC interviews - Marty Momdjian, Amit Saha, Dr. Tina Srivastava - ESW #410 1:38:02

30d ago1:38:02

1:38:02

Segment 1 - Enterprise Security News, Live at IDV This week, in the enterprise security news, Acquisitions potential IPOs Terminator Salvation in real life First $1B one-employee business? Mikko puts in his notice Pitch Black in real life, and more! Segment 2 - Interview with Dr. Tina Srivastava The #1 cause of data breaches is stolen credentials. …

1
668: Jake Archibald on Native HTML Includes 1:05:24

29d ago1:05:24

1:05:24

Show Description Jake Archibald joins us to discuss HTML includes, potential solutions, and the implications of introducing such a feature. We talk about security concerns, performance implications, and community feedback regarding HTML imports. Listen on Website → Guests Jake Archibald Guest's Main URL • Guest's Social Engineer at Shopify. Once sw…

1
Elsa, Redline, ChaosRat, iMessage, Bladed Feline , Aaran Leyland, and More... - SWN #483 34:00

1M ago34:00

34:00

Elsa, Redline, ChaosRat, iMessage, Bladed Feline , Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-483

1
Etherfuse Stablebonds as an Essential Blockchain Primitive, feat Dave Taylor, CEO of Etherfuse 45:02

1M ago45:02

45:02

A conversation with Dave Taylor, CEO of Etherfuse, about Etherfuse's stablebonds as an essential blockchain primitive for foreign exchange. 📝 Notes from the show In this episode of the Solfate Podcast, hosts James and Nick welcome Dave Taylor, CEO of Etherfuse, to discuss their groundbreaking approach to bringing real-world assets on-chain through …

1
Updating & Protecting Linux Systems - PSW #877 1:05:23

1M ago1:05:23

1:05:23

Two parts to this episode: Tech Segment: Updating Linux Systems - Beyond apt-get upgrade * Custom scripts for ensuring your Linux systems are up-to-date * topgrade - tutorial for using topgrade to update Linux systems on various Linux distributions Discussion Topic: Anti-Malware and/or EDR on Linux Platforms * PCI calls for scanning Linux systems *…

1
Regain Control of Business Risks, Your Leadership Habits, and Being Present - Alla Valente - BSW #398 1:18:17

1M ago1:18:17

1:18:17

During times of volatility, business leaders often don’t know what they are able to change or even what they should change. At precisely these times, business leaders become risk leaders and need to quickly learn how to identify what is within their control and what isn’t — to not only survive but thrive. Alla Valente, Principal Analyst at Forreste…

1
Bovril, Deranged, Crocodilus, Cartier, Jinx, Conti, Scattered Spider, Josh Marpet... - SWN #482 37:10

1M ago37:10

37:10

Bovril, Deranged Hookworm, Crocodilus, Cartier, Jinx, Conti, Scattered Spider, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-482

1
AIs, MCPs, and the Acutal Work that LLMs Are Generating - ASW #333 39:06

1M ago39:06

39:06

The recent popularity of MCPs is surpassed only by the recent examples deficiencies of their secure design. The most obvious challenge is how MCPs, and many more general LLM use cases, have erased two decades of security principles behind separating code and data. We take a look at how developers are using LLMs to generate code and continue our sea…

1
Episode 463: CTO w/ weak resume and I tried management and it was TERRIBLE 27:16

1M ago27:16

27:16

In this episode, Dave and Jamison answer these questions: Albert Nonymous asks, I am the CTO at a small (5 engineers) tech start-up with non-technical founders. I was their first full-time employee and as such have been able to fully form this company the way I want. I’ve worked here for 9 years now and own 10% of the company. I enjoy the tech and …

1
Building Cyber Resilience: AI Threats, Mid-Market Risks & Ransomware Trends - Karl Van den Bergh, Tony Anscombe, Eyal Benishti, Nick Carroll, Chad Alessi, Chris Peluso - ESW #409 1:38:33

1M ago1:38:33

1:38:33

Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what’s keeping IT decision-makers awkward at night, and the best approach to creatin…

1
667: Jen Simmons on Declarative Web Push, Form Control Styling, & More 1:07:02

1M ago1:07:02

1:07:02

Show Description Jen Simmons stops by to talk about new CSS and Safari features like Form Control Styling, Declarative Web Push, Typography, contrast-color(), and more. Listen on Website → Guests Jen Simmons Guest's Main URL • Guest's Social Safari & WebKit Evangelist. Member of the CSS Working Group. Webmaster since 1996. Links webkit.org Safari R…

1
Edge, Safari, CISO Pay and Loathing, Fake AI, ASUS, OneDrive, Manus, Aaran Leyland... - SWN #481 33:15

1M ago33:15

33:15

Edge, Safari, CISO Pay and Loathing, Fake AI, ASUS, OneDrive, Manus, Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-481

1
It's A Trap! - PSW #876 2:02:39

1M ago2:02:39

2:02:39

In the security news: Vicious Trap - The malware hiding in your router Hacking your car WSL is open-source, but why? Using AI to find vulnerabilities - a case study Why you should not build your own password manager The inside scoop behind Lumma Infostealer Hacking a smart grill Hardcoded credentials on end of life routers and "Alphanetworks" SIM s…

1
Cudis's blockchain-based longevity protocol, w/ Edison Chen, CEO of Cudis 53:38

1M ago53:38

53:38

A conversation with Edison Chen, CEO of Cudis, about Cudis's longevity protocol that leverages blockchain incentives. Ready to start tracking your health on-chain? Get $60 off your Cudis ring and 500 bonus reward points by visiting their website via this link: https://www.cudis.xyz/join?code=Solfate and using code "Solfate" at checkout 📝 Notes from…

1
Quantum Readiness & Zero Trust: Strategies to Strengthen Digital Resilience - Jordan Avnaim, Chris Hickman, Amit Sinha, Albert Estevez Polo - BSW #397 1:07:59

1M ago1:07:59

1:07:59

This segment explores how automated microsegmentation addresses critical Zero Trust gaps overlooked by traditional access controls and legacy segmentation solutions. We'll examine the limitations of perimeter-based defenses in today's dynamic threat landscape and reveal how automated microsegmentation enhances network security beyond conventional f…

1
AP Tests, Hyper-V, Notepad, Google, Nova Scotia, NHI, Bond, Josh Marpet, and more... - SWN #480 35:14

1M ago35:14

35:14

AP Tests, Hyper-V, Notepad, Google, Nova Scotia, NHI, Bond, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-480