loader from loading.io

Transforming Frontline Workflows with Passwordless Access, AI costs, and the News - Joel Burleson-Davis - ESW #431

Security Weekly Podcast Network (Audio)

Release Date: 11/03/2025

Give Me Liberty or Linux, Badge Hacking Interview - Bryce Owen - PSW #901 show art Give Me Liberty or Linux, Badge Hacking Interview - Bryce Owen - PSW #901

Security Weekly Podcast Network (Audio)

In the security news: Cloudflare was down, it was not good Logitech breached The largest data breach in history? Fortinet Fortiweb - the saga continues Hacking Linux through your malware scanner, oh the irony I never stopped hating systemd The ASUS exploit that never existed If iRobot fails, can we deploy our own hacker bot army? Firmware encryption is a bitch Threat actors deply Claude Code Remembering the Viasat hack and why we can't have nice things Hacking re-entry sensors Sending signals in the wrong direction A File Format Uncracked for 20 Years And 2026 is the year of the Linux...

info_outline Health and Wellness of the CISO as They Crack Under Pressure and Need a BISO to Scale - Dr. Yonesy Núñez - BSW #422 show art Health and Wellness of the CISO as They Crack Under Pressure and Need a BISO to Scale - Dr. Yonesy Núñez - BSW #422

Security Weekly Podcast Network (Audio)

It's a topic we discuss often on Business Security Weekly: CISO Burnout. It's real, but how should you manage it? Dr. Yonesy Núñez, Global Cybersecurity Executive at Chain Bridge Bank and former Managing Director, Chief Cybersecurity Risk Officer, and Chief Information Security Officer at The Depository Trust & Clearing Corporation (DTCC), joins Business Security Weekly to share his personal insights. An advocate of CISO Health and Wellness, Yonesy will discuss how we can "Optimize the Operator" by creating harmony with mind and spirit. Segment Resources: In the leadership and...

info_outline Cloudflare, Gh0stRAT, npm, North Koreans, Arch, Steam, Documentaries, Aaran Leyland.. - SWN #530 show art Cloudflare, Gh0stRAT, npm, North Koreans, Arch, Steam, Documentaries, Aaran Leyland.. - SWN #530

Security Weekly Podcast Network (Audio)

Cloudflare, Gh0stRAT, npm, North Korean Employees, Arch Linux Steam Machine, Documentaries, Aaran Leyland, and more on the Security Weekly News. Visit for all the latest episodes! Show Notes:

info_outline Secure Coding as Critical Thinking Instead of Vulnspotting - Matias Madou - ASW #357 show art Secure Coding as Critical Thinking Instead of Vulnspotting - Matias Madou - ASW #357

Security Weekly Podcast Network (Audio)

Secure code should be grounded more in concepts like secure by default and secure by design than by "spot the vuln" thinking. Matias Madou shares his experience in secure coding training and the importance of teaching critical thinking. He also discusses why critical thinking is so closely related to threat modeling and how LLMs can be a tool for helping developers get beyond the superficial advice of, "Think like an attacker." Visit for all the latest episodes! Show Notes:

info_outline Year of the (Clandestine) Linux Desktop, topic, and the news - Rob Allen - ESW #433 show art Year of the (Clandestine) Linux Desktop, topic, and the news - Rob Allen - ESW #433

Security Weekly Podcast Network (Audio)

Segment 1: Interview with Rob Allen It’s the Year of the (Clandestine) Linux Desktop! As if EDR evasions weren’t enough, attackers are now employing yet another method to hide their presence on enterprise systems: deploying tiny Linux VMs. Attackers are using Hyper-V and/or WSL to deploy tiny (120MB disk space and 256MB memory) Linux VMs to host a custom reverse shell and reverse proxy. In this segment, we’ll discuss strategies and mitigations to battle this novel technique with Rob Allen from Threatlocker. Segment Resources: This segment is sponsored by ThreatLocker. Visit to...

info_outline Augustus De Morgan, Doordash, Fortiweb, Typosquatting, Vista, Ransomware, AI, More... - SWN #529 show art Augustus De Morgan, Doordash, Fortiweb, Typosquatting, Vista, Ransomware, AI, More... - SWN #529

Security Weekly Podcast Network (Audio)

Augustus De Morgan, Doordash, Fortiweb, Typosquatting, Vista, Ransomware, AI, Josh, Rob, Aaran, Jason, Dr. Scott, Rocky, Uh., and More on this edition of the Security Weekly News. Visit for all the latest episodes! Show Notes:

info_outline Going Around EDR - PSW #900 show art Going Around EDR - PSW #900

Security Weekly Podcast Network (Audio)

This week: Minecraft on your lightbulb Sonicwall breached, who's next? Ditch Android, install Linux Hacking your face Thermostat freedom Pen test fails HackRF hacking times 2 Going around EDR Hackers in your printer Chinese data breach NFC relays and PCI Constructive construction hacks FlipperZero firmware update ICS, PLCs, and attacks Bayesian Swiss Cheese, taste good? Do you want to hack back? Keeping secrets Enforcing CMMC OWASP top ten gets a make over Android Spyware makes a LANDFALL Gemini's deep research into your documents Slopguard and AI datacenters in space! Visit for all the...

info_outline Securing Model Context Protocol as Companies Plan to Replace Entry Roles with AI - Rahul Parwani - BSW #421 show art Securing Model Context Protocol as Companies Plan to Replace Entry Roles with AI - Rahul Parwani - BSW #421

Security Weekly Podcast Network (Audio)

As AI revolutionizes how we work, it has created a new attack surface with new technologies. One of those new technologies is Model Context Protocol (MCP). MCP has emerged as the standard for connecting AI to external tools, but its flexibility has created security challenges. How do we secure MCP? Rahul Parwani, Head of Product, Security Solutions at Airia, joins Business Security Weekly to discuss the challenges of MCP and how to secure this new protocol. Rahul will cover how Aria's solutions help you secure your AI development by: Centralizing Access Control Enforcing Security Policies...

info_outline Miles, 10/8 time, Lost Phones, Whisper Leak, Quantum Route, AI Galore, Rob Allen... - Rob Allen - SWN #528 show art Miles, 10/8 time, Lost Phones, Whisper Leak, Quantum Route, AI Galore, Rob Allen... - Rob Allen - SWN #528

Security Weekly Podcast Network (Audio)

Miles Davis, Jimmy Buffet, 10/8 time, Lost Phones, Phishing, Whisper Leak, Quantum Route Redirect, AI Galore, Rob Allen, and more on the Security Weekly News. Segment Resources: This segment is sponsored by ThreatLocker. Visit to learn more about them! Visit for all the latest episodes! Show Notes:

info_outline Ransomware, Defaults, and Proactive Defenses - Rob Allen - ASW #356 show art Ransomware, Defaults, and Proactive Defenses - Rob Allen - ASW #356

Security Weekly Podcast Network (Audio)

Just how bad can things get if someone clicks on a link? Rob Allen joins us again to talk about ransomware, why putting too much attention on clicking links misses the larger picture of effective defenses, and what orgs can do to prepare for an influx of holiday-infused ransomware targeting. Segment resources This segment is sponsored by ThreatLocker. Visit to learn more about them! Visit for all the latest episodes! Show Notes:

info_outline
 
More Episodes

Segment 1: Interview with Joel Burleson-Davis

Frontline workers can’t afford to be slowed down by manual, repetitive logins, especially in mission-critical industries where both security and productivity are crucial. This segment will explore how inefficient login methods erode productivity, while workarounds like shared credentials increase risk, highlighting why passwordless authentication is emerging as a game-changer for frontline access to shared devices. Joel Burleson-Davis, Chief Technology Officer of Imprivata, will share how organizations can adopt frictionless and secure access management to improve both security and frontline efficiency at scale.

Segment Resources:

This segment is sponsored by Imprivata. Visit https://securityweekly.com/imprivata to learn more about them!

Topic Segment: The Economics of AI Agents

Vendors are finding, after integrating agents into their processes, that agentic AI can get expensive very quickly. Of course, this isn't surprising when your goal is "review all my third party contracts and fill out questionnaires for me" and the pricing is X DOLLARS for 1M TOKENS blah blah context window, max model thinking model blah blah. No one knows what the conversion is from "review my contracts" to millions of tokens, so everyone is left to just test it out and see what the bill is at the end of the month.

As we saw with Cloud when adoption started increasing in the early 2010s, we are naturally entering the era of AI cost optimization. In this segment, we'll discuss what that means, how it affects the market, and how it affects the use of AI in cybersecurity.

Jackie mentions this story from Wired in the segment: https://www.wired.com/story/ai-bubble-will-burst/

News Segment

Finally, in the enterprise security news,

  1. we’ve got funding and acquisitions
  2. 7 red flags you’re doing cloud wrong
  3. security standards for open source projects
  4. post mortems of attacks on open source supply chain
  5. some analysis on current and historic AWS outages
  6. a deep dive
  7. some dumpster fires
  8. and how much would you pay for a robot that puts away the dishes?

All that and more, on this episode of Enterprise Security Weekly.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-431