Enterprise Security Weekly (Audio)
News, analysis, and insights into enterprise security. We put security vendors under the microscope, and explore the latest trends that can help defenders succeed. Hosted by Adrian Sanabria. Co hosts: Katie Teitler-Santullo, Ayman Elsawah, Jason Wood, Jackie McGuire, Sean Metcalf.
info_outline
Hardware-level zero trust, don't trust AI with your employees, and the news - J Wolfgang Goerlich, Matias Katz - ESW #446
02/16/2026
Hardware-level zero trust, don't trust AI with your employees, and the news - J Wolfgang Goerlich, Matias Katz - ESW #446
Segment 1: Interview with Mathias Katz What if you had enterprise-grade network security protections traveling with your users' laptops? What if it could be built into the laptop, but still stay safe even if the laptop OS and firmware were entirely compromised? Mathias and his company, Byos have built such a thing, and BOY do we have some questions for him. Segment 2: Interview with Wolfgang Goerlich Addressing the nuanced, nefarious threats of AI Sure, we need to worry about AI prompt injection and AI data leakage, but what about the threats to our BRAINS? Seriously, as we start to have daily conversations with this technology, how are they going to shape how we think? What inherent biases in the training, fine tuning, guardrails, or lack of guardrails are going to affect our decisions or how we work? Wolfgang is concerned about this, so he performed a human/AI experiment. With almost 1000 people partaking in the experiment, the results are sure to be intriguing. Segment 3: This week's enterprise security news Finally, in the enterprise security news, survey results on how folks are feeling about openclaw some hidden drama discovered in KEV updates some new KEV tools is AI replacing traditional code scanning tools? remote code execution in notepad no, not notepad++, NOTEPAD.EXE you know, the one that ships preinstalled on Windows the RSAC innovation sandbox finalists dealing with legacy vulnerabilities Don't accept OpenClaw Mac Minis from strangers! All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/40103235
info_outline
Clickfixed, Zero Trust World, and OpenClaw is out of control - but that's the point - Rob Allen - ESW #445
02/09/2026
Clickfixed, Zero Trust World, and OpenClaw is out of control - but that's the point - Rob Allen - ESW #445
Interview Segment - Rob Allen - Clickfix "Clickfix" attacks aren't new, but they're certainly more common these days. Rob Allen joins us to help us understand what they are, why they work on your employees, and how to stop them! We tie it into infostealers and ransomware actors. Plenty of practical recommendations for how to spot and prevent these attacks in your environment, don't miss it! This segment is sponsored by ThreatLocker. Visit to learn more about them! Interview Segment - Rob Allen - Zero Trust World Threatlocker's 6th annual Zero Trust World event is happening next month! This three day event runs from March 4th through the 6th once again in sunny Orlando, Florida. This year's event is packed with hands-on hacking workshops, competitions, prizes, and keynotes from Marcus Hutchins, and Linus and Luke from Linus Tech Tips. Security Weekly will be there as well, doing live interviews and recording an episode of ESW live! This segment is sponsored by ThreatLocker's annual Zero Trust World. Visit to learn more about the conference and register with discount code ZTW26ESW! News Segment For this week's enterprise news, we discuss OpenClaw! funding! acquisitions! testing out AI models’ offensive security capabilities more openclaw! the need for more transparency and testing in the vendor space A photobooth service leaks drunken pictures of wedding parties The salty snack that helps server uptime All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/40023125
info_outline
Initial entry to resilience: understanding modern attack flows and this week's news - Warwick Webb - ESW #444
02/02/2026
Initial entry to resilience: understanding modern attack flows and this week's news - Warwick Webb - ESW #444
Segment 1: Interview with Warwick Webb From Initial Entry to Resilience: Understanding Modern Attack Flows Modern cyberattacks don’t unfold as isolated alerts--they move as coordinated attack flows that exploit gaps between tools, teams, and time. In this episode, Warwick Webb, Vice President of Managed Detection and Response at SentinelOne, breaks down how today’s breaches often begin invisibly, progress undetected through siloed security stacks, and accelerate faster than human response alone can handle. He’ll discuss how unified platforms, machine-speed detection powered by global threat intelligence, and expert-led response change the equation--turning fragmented signals into clear attack narratives. The conversation concludes with how organizations can move beyond incident response to build resilience, readiness, and continuous improvement through post-attack analysis. Listeners will leave with a clearer understanding of how attacks actually unfold in the real world—and what it takes to move from reactive alert handling to true attack-flow-driven defense. Segment Resources: Wayfinder 451 Managed Defense Redefined This segment is sponsored by SentinelOne. Visit to learn more about them! Segments 2 and 3: The Weekly News In this week's enterprise security news, we’ve got funding free tools! the CISO’s craft agentic browsers tech companies are building cyber units? giving AI agents access to your entire life lots of dumpster fires in the industry today Cisco killed Kenna the state of AI in the SOC homemade EMP guns! don’t try this at home All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/39940690
info_outline
The future of data control, why detection fails, and the weekly news - Thyaga Vasudevan - ESW #443
01/26/2026
The future of data control, why detection fails, and the weekly news - Thyaga Vasudevan - ESW #443
Segment 1: Interview with Thyaga Vasudevan Hybrid by Design: Zero Trust, AI, and the Future of Data Control AI is reshaping how work gets done, accelerating decision-making and introducing new ways for data to be created, accessed, and shared. As a result, organizations must evolve Zero Trust beyond an access-only model into an inline data governance approach that continuously protects sensitive information wherever it moves. Securing access alone is no longer enough in an AI-driven world. In this episode, we’ll unpack why real-time visibility and control over data usage are now essential for safe AI adoption, accurate outcomes, and regulatory compliance. From preventing data leakage to governing how data is used by AI systems, security teams need controls that operate in the moment - across cloud, browser, SaaS, and on-prem environments - without slowing the business. We’ll also explore how growing data sovereignty and regulatory pressures are driving renewed interest in hybrid architectures. By combining cloud agility with local control, organizations can keep sensitive data protected, governed, and compliant, regardless of where it resides or how AI is applied. This segment is sponsored by Skyhigh Security. Visit to learn more about them! Segment 2: Why detection fails Caleb Sima put together of the issues around detection engineering struggles that I thought worth discussing. Amélie Koran also and experiences. Segment 3: Weekly Enterprise News Finally, in the enterprise security news, Fundings and acquisitions are going strong can cyber insurance be profitable? some new free tools shared by the community RSAC gets a new CEO Large-scale enterprise AI initiatives aren’t going well LLM impacts on exploit development AI vulnerabilities global risk reports floppies are still used daily, but not for long? All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/39857275
info_outline
Making vulnerability management and incident response actually work. Also, the News! - Ryan Fried, Beck Norris, José Toledo - ESW #442
01/19/2026
Making vulnerability management and incident response actually work. Also, the News! - Ryan Fried, Beck Norris, José Toledo - ESW #442
Segment 1 with Beck Norris - Making vulnerability management actually work Vulnerability management is often treated as a tooling or patching problem, yet many organizations struggle to reduce real cyber risk despite heavy investment. In this episode, Beck Norris explains why effective vulnerability management starts with governance and risk context, depends on multiple interconnected security disciplines, and ultimately succeeds or fails based on accountability, metrics, and operational maturity. Drawing from the aviation industry—one of the most regulated and safety-critical environments—Beck translates lessons that apply broadly across regulated and large-scale enterprises, including healthcare, financial services, and critical infrastructure. Segment 2 with Ryan Fried and Jose Toledo - Making incident response actually work Organizations statistically have decent to excellent spending on cybersecurity: they have what should be sufficient staff and some good tools. When they get hit with an attack, however, the response is often an unorganized, poorly communicated mess! What’s going on here, why does this happen??? Not to worry. Ryan and José join us in this segment to offer some insight into why this happens and how to ensure it never happens again! Segment Resources: [Mandiant - Best practices for incident response planning] () Segment 3 - Weekly Enterprise News Finally, in the enterprise security news, Almost no funding… Oops, all acquisitions! Changes in how the US handles financial crimes and international hacking Mass scans looking for exposed LLMs The state of Prompt injection be careful with Chrome extensions and home electronics from unknown brands Is China done with the West? All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/39764355
info_outline
The State of Cybersecurity Hiring, 2026 content plans, and the weekly news - ESW #441
01/12/2026
The State of Cybersecurity Hiring, 2026 content plans, and the weekly news - ESW #441
First Topic - Podcast Content Plans for 2026 Every year, I like to sit down and consider what the podcast should be focusing on. Not doing so ensures every single episode will be about AI and nobody wants that. Least of all, me. If I have one more all-AI episode, my head is going to explode. With that said, most of what we talk about in this segment is AI (picard face palm.png). I think 2026 will be THE defining year for GenAI. Three years after the release of ChatGPT, I think we've hit peak GenAI hype and folks are ready for it to put up or shut up. We'll see winners grow and get acquired and losers pivot to something else. More than anything, I want to interview folks who have actually seen it work at scale, rather than just in a cool demo in a vendor sandbox. Also on the agenda for this year: The battle against infostealers and session hijacking: we didn't have a good answer in 2025. When is it coming? Will it include Macs, despite them not having a traditional TPM? The state of trust in outsourcing and third party use (Cloud, MSSPs, SaaS, contractors): 2025 was not a good year for third parties. Lots of them got breached and caused their customers a lot of pain. Also, there's the state of balkanization between the US and... the rest of the entire world. Everyone outside the US seems to be trying to derisk their companies and systems from the Cloud Act right now. Vulnerability management market disruption: there are half a dozen startups already plotting to disrupt the market, likely to come out of stealth in 2026 Future of the SOC: if it's not AI, what is it? What else??? What am I missing? What would you like to see us discuss? Please drop me a line and let me know: adrian.sanabria@cyberriskalliance.com Topic 2: The state of cybersecurity hiring This topic has been in the works for a while! Ayman had a whole and focused on all the paths people take to get into security. Jackie worked with WiSys on into a cybersecurity career. Whether you're already in cyber or looking for a way in, this segment crams a lot of great advice into just 15-20 minutes. Segment resources: Ayman's for getting into security News Finally, in the enterprise security news, Fundings and acquisitions still strong in 2026! Santa might be done delivering gifts, but not protecting Macs! ClickFix attacks Weaponized Raspberry Pis MongoDB incidents for Christmas Top 10 Cyber attacks of 2025 US gets tough on nation state hackers? Brute force attacks on Banks An AI Vending Machine All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/39679705
info_outline
Why are cybersecurity predictions so bad? - ESW #440
01/05/2026
Why are cybersecurity predictions so bad? - ESW #440
For our first episode of the new year, we thought it would be appropriate to dig into some cybersecurity predictions. First, we cover the very nature of predictions and why they're often so bad. To understand this, we get into logical fallacies and cognitive biases. In the next segment, we cover some 2025 predictions we found on the Internet. In the final segment, we discuss 2026, drop some of our own predictions, and talk about what we hope to see this year. SPOILER: Please fix session hijacking, okay tech industry? Segment resources: A great site for better understanding Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/39446620
info_outline
Holiday Chat: Local AI datacenter activism, AI can't substitute good taste, and more - ESW #439
12/29/2025
Holiday Chat: Local AI datacenter activism, AI can't substitute good taste, and more - ESW #439
For this week's episode of Enterprise Security Weekly, there wasn't a lot of time to prepare. I had to do 5 podcasts in about 8 days leading up to the holiday break, so I decided to just roll with a general chat and see how it went. Also, apologies, for any audio quality issues, as the meal I promised to make for dinner this day required a lot of prep, so I was in the kitchen for the whole episode! For reference, I made the recipe for from Rick Martinez's cookbook, Mi Cocina. I used the wrong peppers (availability issue), so it came out green instead of red, but was VERY delicious. As for the episode, we discuss what we've been up to, with Jackie sharing her experiences fighting against Meta (allegedly, through some shell companies) building an AI datacenter in her town. We then get into discussing the limitations of AI, the potential of the AI bubble popping, and general limitations of AI that are becoming obvious. One of the key limitations is AI's inability to apply personal experience, have strong opinions, or any sense of 'taste'. I think I shared my observation that AI is becoming a sort of 'digital junk food'. "NO AI" has become a common phrase used by creators - a source of pride that media consumers seem to be celebrating and seeking out. Segment Resources: Kagi absolutely did NOT sponsor this episode. I have become a big fan of paying for search so that I am not the product. There are other players in this market, but I've settled on . We mention Ira Glass's bit on taste, which is a small bit of a longer talk he did on storytelling. The shorter bit is , and is less than 2 minutes long. The full talk is split into 4 parts and posted on a YouTube channel called "War Photography" for some reason. Part 1: Part 2: Part 3: Part 4: Finally, we also bring up a talk we also discussed on episode 437, Benedict Evans' Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/39446095
info_outline
Internal threats are the hole in Cybersecurity’s donut - Frank Vukovits - ESW #438
12/22/2025
Internal threats are the hole in Cybersecurity’s donut - Frank Vukovits - ESW #438
Interview with Frank Vukovits: Focusing inward: there lie threats also External threats get discussed more than internal threats. There’s a bit of a streetlight effect here: external threats are more visible, easier to track, and sharing external threat intelligence doesn’t infringe on any individual organization’s privacy. That’s why we hear the industry discuss external threats more, though internally-triggered incidents far outnumber external ones. Internal threats, on the other hand, can get personal. Accidental leaks are embarassing. Malicious insiders are a sensitive topic that internal counsel would erase from company memory if they could. Even when disclosure is required, the lawyers are going to minimize the amount of detail that gets out. I was chief incident handler for 5 years of my enterprise career, and never once had to deal with an external threat. I managed dozens of internal cases over those 5 years though. In this interview, we discuss the need for strong internal controls with Frank Vukovits from Delinea. As systems and users inside and outside organizations become increasingly connected, maintaining strong security controls is essential to protect data and systems from both internal and external threats. In this episode, we will explore the importance of strong internal controls around business application security and how they can best be integrated into a broader security program to ensure true enterprise security. This segment is sponsored by Delinea. Visit to learn more about them! Topic Segment: Personal Disaster Recovery Many of us depend on service providers for our personal email, file storage, and photo storage. The line between personal accounts and work accounts often blur, particularly when it comes to Apple devices. We’re way more dependent on our Microsoft, Apple, Meta, and Google accounts than we used to be. They’re necessary to use home voice assistants, to log into other SaaS applications (Log in with Google/Apple/FB), and even manage our wireless plans (e.g. Google Fi). Getting locked out of any of these accounts can bring someone’s personal and/or work life to a halt, and there are many cases of this happening. I’m not sure if we make it past sharing stories about what can and has happened. Getting into solutions might have to be a separate discussion (also, we may not have any solutions…) Friend of the show and sometimes emergency co-host Guillaume recently A romance author got of her books A 79 year old of her iPad with all her family photos. Sadly, this is one of the most common scenarios. Someone either forgets their pin and locks out the device permanently, or a family member dies and didn’t tell anyone their passwords or pins, so the surviving family can’t access data, pay the bills, etc. Google example: Claims of CSAM material after father documents toddler at doctor’s request Dec 2025 Apple example: she tried to redeem a gift card that had been tampered with: Google example: developer lost all his work, because he was working on preventing revenge porn and other sensitive cases, and was building a better model to detect NSFW images: My partner’s mom’s Instagram account got hacked. Meta locked out all of it (Whatsapp, Instagram, Facebook) and she couldn’t get it reinstated. They wouldn’t even let her open a NEW account. Weekly Enterprise News Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/39475825
info_outline
Illuminating Data Blind Spots, Topic, Enterprise News - Tony Kelly - ESW #437
12/15/2025
Illuminating Data Blind Spots, Topic, Enterprise News - Tony Kelly - ESW #437
Interview Segment: Tony Kelly Illuminating Data Blind Spots As data sprawls across clouds and collaboration tools, shadow data and fragmented controls have become some of the biggest blind spots in enterprise security. In this segment, we’ll unpack how Data Security Posture Management (DSPM) helps organizations regain visibility and control over their most sensitive assets. Our guest will break down how DSPM differs from adjacent technologies like DLP, CSPM, and DSP, and how it integrates into broader Zero Trust and cloud security strategies. We’ll also explore how compliance and regulatory pressures are shaping the next evolution of the DSPM market—and what security leaders should be doing now to prepare. Segment Resources: This segment is sponsored by Fortra. Visit to learn more about them! Topic Segment: We've got passkeys, now what? Over this year on this podcast, we've talked a lot about infostealers. Passkeys are a clear solution to implementing phishing and theft-resistant authentication, but what about all these infostealers stealing OAuth keys and refresh tokens? As long as session hijacking is as simple as moving a cookie from one machine to another, securing authentication seems like solving only half the problem. Locking the front door, but leaving a side door unlocked. After doing some research, it appears that there has been some work on this front, including a few standards that have been introduced: DBSC (Device Bound Session Credentials) for browsers DPoP (Demonstrating Proof of Possession) for OAuth applications We'll address a few key questions in this segment: 1. how do these new standards help stop token theft? 2. how broadly have they been adopted? Segment Resources: FIDO Alliance White Paper: News Segment Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/39389915
info_outline
Fix your dumb misconfigurations, AI isn't people, and the weekly news - Wendy Nather, Danny Jenkins - ESW #436
12/08/2025
Fix your dumb misconfigurations, AI isn't people, and the weekly news - Wendy Nather, Danny Jenkins - ESW #436
Interview with Danny Jenkins: How badly configured are your endpoints? Misconfigurations are one of the most overlooked areas in terms of security program quick wins. Everyone freaks out about vulnerabilities, patching, and exploits. Meanwhile, security tools are misconfigured. Thousands of unused software packages increase remediation effort and attack surface. The most basic misconfigurations lead to breaches. Threatlocker spotted this opportunity and have extended their agent-based product to increase attention on these common issues. This segment is sponsored by ThreatLocker. Visit to learn more! Interview with Wendy Nather: Recalibrating how we think about AI AI and the case for toxic anthropomorphism. When Wendy coined this phrase on Mastodon a few weeks ago, I knew that she had hit on something important and that we needed to discuss it on this podcast. We were lucky to find some time for Wendy to come on the show! Quick note: while this was not a sponsored segment, 1Password IS currently a sponsor of this podcast. That doesn’t really change the conversation any, except that I have to be nice to Wendy. But why would anyone ever be mean to Wendy??? Weekly Enterprise News Finally, in the enterprise security news, Dozens of funding rounds over the past two weeks Windows is becoming an Agentic OS? We talk about what that actually means. Some great free tools the latest cyber insurance trends we analyze some recent breaches the stop hacklore campaign some essays worth reading and a how a whole country dropped off the internet, because someone forgot to pay a GoDaddy invoice All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/39294660
info_outline
From Misconfigurations to Mission Control: Lessons from InfoSec World 2025 - Marene Allison, Dr. Ron Ross, Ryan Heritage, Patricia Titus, Perry Schumacher, Rob Allen - ESW #435
12/01/2025
From Misconfigurations to Mission Control: Lessons from InfoSec World 2025 - Marene Allison, Dr. Ron Ross, Ryan Heritage, Patricia Titus, Perry Schumacher, Rob Allen - ESW #435
Live from InfoSec World 2025, this episode of Enterprise Security Weekly features six in-depth conversations with leading voices in cybersecurity, exploring the tools, strategies, and leadership approaches driving the future of enterprise defense. From configuration management and AI-generated threats to emerging frameworks and national standards, this special edition captures the most influential conversations from this year’s conference. In this episode: -You Don’t Need a Hacker When You Have Misconfigurations — Rob Allen, Chief Product Officer at ThreatLocker®, discusses how overlooked settings and weak controls continue to be one of the most common causes of breaches. He explains how Defense Against Configurations (DAC) helps organizations identify, map, and remediate configuration risks before attackers can exploit them. -Security Challenges for Mid-Sized Companies — Perry Schumacher, Chief Strategy Officer & Partner at Ridge IT Cyber, explores the evolving security challenges facing mid-sized organizations. He discusses how AI is becoming a competitive advantage, how mobility and third-party reliance complicate defenses, and what steps these organizations can take to improve resilience and efficiency. -The Rise of Security Control Management: Secure by Design, Not by Chance — Marene Allison, former CISO of Johnson & Johnson, introduces Security Control Management (SCM), a new software category that unifies control selection, mapping, validation, and enforcement. She explains how SCM transforms fragmented compliance programs into proactive, embedded defense. -Engineered for Protection: The Rise of Security Control Management — Ryan Heritage, Advisor at Sicura, continues the discussion on SCM, explaining how organizations can operationalize this approach to move from reactive reporting to proactive, data-driven defense. He highlights how automation and integration enable security decisions to be made at “the speed of relevance.” -The AI Threat: Protecting Your Email from AI-Generated Attacks — Patricia Titus, Field CISO at Abnormal Security, explores how cybercriminals are weaponizing generative AI to create sophisticated phishing and social engineering attacks. She shares practical strategies for defending against AI-generated threats and emphasizes why AI-based protections are now essential for modern enterprises. -Igniting Change: A Conversation with Dr. Ron Ross — Dr. Ron Ross, CEO at RONROSSECURE, LLC, shares insights from decades of pioneering work in cybersecurity, including the Risk Management Framework and Systems Security Engineering Guidelines. He discusses how leaders can apply these principles to strengthen resilience, foster innovation, and drive meaningful change across the cybersecurity landscape. Segment Resources ThreatLocker® Defense Against Configurations (DAC): Book a demo to see DAC in action. Visit to learn more! This segment is sponsored by Ridge IT Cyber. Visit to learn more about them! Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/39169665
info_outline
Aligning teams for effective remediation, Anthropic's latest report, and the news - Ravid Circus - ESW #434
11/24/2025
Aligning teams for effective remediation, Anthropic's latest report, and the news - Ravid Circus - ESW #434
Interview with Ravid Circus Ravid will discuss why security and engineering misalignment is the biggest barrier to fast, effective remediation, using data from Seemplicity’s 2025 Remediation Operations Report. This is costing some teams days of unnecessary exposure, which can lead to major security implications for organizations. Segment Resources: Topic Segment: Thoughts on Anthropic's latest security report Ex-SC Media journalist Derek Johnson did a great job writing this one up over at Cyberscoop: There are a number of interesting questions that have been raised here. Some want more technical details and question the report's conclusions. How automated was it, really? I found it odd that Anthropic's CEO was on 60 minutes the same week, talking about how dangerous AI is (which is his company's primary and only product). I think one of the more interesting things to discuss is how Anthropic has based its identity and brand on AI safety. While so many other SaaS companies appear to be doing the bare minimum to stop attacks against their customers, Anthropic is putting significant resources into testing for future threats and discovering active attacks. News Segment Finally, in the enterprise security news, vendor layoffs have started again the sins of security vendor research the pillars of the Internet are burning selling out to North Korea isn’t worth what they’re paying you ransom payments, in 24 easy installments? a breach handled the right way we probably shouldn’t be putting LLMs into kids toys ordering coffee from the terminal All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/39130210
info_outline
Year of the (Clandestine) Linux Desktop, topic, and the news - Rob Allen - ESW #433
11/17/2025
Year of the (Clandestine) Linux Desktop, topic, and the news - Rob Allen - ESW #433
Segment 1: Interview with Rob Allen It’s the Year of the (Clandestine) Linux Desktop! As if EDR evasions weren’t enough, attackers are now employing yet another method to hide their presence on enterprise systems: deploying tiny Linux VMs. Attackers are using Hyper-V and/or WSL to deploy tiny (120MB disk space and 256MB memory) Linux VMs to host a custom reverse shell and reverse proxy. In this segment, we’ll discuss strategies and mitigations to battle this novel technique with Rob Allen from Threatlocker. Segment Resources: This segment is sponsored by ThreatLocker. Visit to learn more about them! Segment 2: Topic - Threat Modeling Humanoid Robots We're entering the age of human-shaped robots, so it seems like a good time to talk about the fact that they ALREADY HAVE CVEs assigned to them. I guess this isn't a terrible thing - John Connor might have had an easier time if he could simply hack the terminators from a distance... Resources (watch the video!) 100-page Paper: 5-page Paper: Amazingly, $300 smart vacuums have some of the same exact vulnerabilities and backdoors built into them as the $16,000 humanoid robots! Segment 3: Weekly News Finally, in the enterprise security news, A $435M venture round A $75M seed round a few acquisitions the producer of the movie Half Baked bought a spyware company AI isn’t going well, or is it? maybe we just need to adopt it more slowly and deliberately? ad-blockers are enterprise best practices firewalls and VPNs are security risks, according to insurance claims could you power an entire house with disposable vapes? All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/39041765
info_outline
OT Security Doesn't Have to be a Struggle, Spotting Red Flags, Enterprise News - Joshua Hay, Todd Peterson - ESW #432
11/10/2025
OT Security Doesn't Have to be a Struggle, Spotting Red Flags, Enterprise News - Joshua Hay, Todd Peterson - ESW #432
Segment 1: OT Security Doesn’t Have to be a Struggle OT/ICS/SCADA systems are often off limits to cybersecurity folks, and exempt from many controls. Attackers don’t care how fragile these systems are, however. For attackers aiming to disrupt operations, fragile but critical systems fit criminals’ plans nicely. In this interview, we discuss the challenge of securing OT systems with Todd Peterson and Joshua Hay from Junto Security. This segment is sponsored by Junto Security. Visit to learn more! Segment 2: Topic - Spotting Red Flags in Online Posts This week's topic segment is all about tuning your 'spidey sense' to spot myths and misconceptions online so we can avoid amplifying AI slop, scams, and other forms of Internet bunk. It was inspired by , but we've got a cybersecurity story in the news that we could have easily used for this as well (the report from MIT). Segment 3: Weekly Enterprise News Finally, in the enterprise security news, Some interesting fundings Some more interesting acquisitions a new AI-related term has been coined: cyberslop the latest insights from cyber insurance claims The AI security market isn’t nearly as big as it might seem cybercriminals are targeting trucking and logistics to steal goods Sorry dads, science says the smarts come from mom All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/38955425
info_outline
Transforming Frontline Workflows with Passwordless Access, AI costs, and the News - Joel Burleson-Davis - ESW #431
11/03/2025
Transforming Frontline Workflows with Passwordless Access, AI costs, and the News - Joel Burleson-Davis - ESW #431
Segment 1: Interview with Joel Burleson-Davis Frontline workers can’t afford to be slowed down by manual, repetitive logins, especially in mission-critical industries where both security and productivity are crucial. This segment will explore how inefficient login methods erode productivity, while workarounds like shared credentials increase risk, highlighting why passwordless authentication is emerging as a game-changer for frontline access to shared devices. Joel Burleson-Davis, Chief Technology Officer of Imprivata, will share how organizations can adopt frictionless and secure access management to improve both security and frontline efficiency at scale. Segment Resources: This segment is sponsored by Imprivata. Visit to learn more about them! Topic Segment: The Economics of AI Agents Vendors are finding, after integrating agents into their processes, that agentic AI can get expensive very quickly. Of course, this isn't surprising when your goal is "review all my third party contracts and fill out questionnaires for me" and the pricing is X DOLLARS for 1M TOKENS blah blah context window, max model thinking model blah blah. No one knows what the conversion is from "review my contracts" to millions of tokens, so everyone is left to just test it out and see what the bill is at the end of the month. As we saw with Cloud when adoption started increasing in the early 2010s, we are naturally entering the era of AI cost optimization. In this segment, we'll discuss what that means, how it affects the market, and how it affects the use of AI in cybersecurity. Jackie mentions this story from Wired in the segment: News Segment Finally, in the enterprise security news, we’ve got funding and acquisitions 7 red flags you’re doing cloud wrong security standards for open source projects post mortems of attacks on open source supply chain some analysis on current and historic AWS outages a deep dive some dumpster fires and how much would you pay for a robot that puts away the dishes? All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/38868865
info_outline
Securing AI Agents with Dave Lewis, Enterprise News, and interviews from Oktane 2025 - Mike Poole, Conor Mulherin, Dave Lewis - ESW #430
10/27/2025
Securing AI Agents with Dave Lewis, Enterprise News, and interviews from Oktane 2025 - Mike Poole, Conor Mulherin, Dave Lewis - ESW #430
Segment 1: Interview with Dave Lewis from 1Password In this week's sponsored interview, we dive into the evolving security landscape around AI agents, where we stand with AI agent adoption. We also touch on topics such as securing credentials in browser workflows and why identity is foundational to AI agent security. This segment is sponsored by 1Password. Visit to learn more! Segment 2: Enterprise News In this week's enterprise security news, one big acquisition, two small fundings not all AI is bad deepfakes are getting crazy good make sure you log what your AI agents do Copilot prompt injection NordVPN tries to pull a jedi mind trick on us failure rate in AI adoption is a feature not a bug? using facial recognition to find Tinder profiles a predictable squirrel story All that and more, on this episode of Enterprise Security Weekly. Segment 3: Two interviews from Oktane 2025 Interview with Connor Mulherin of TechSoup The cybersecurity landscape in the nonprofit sector is evolving quickly, with organizations facing unique challenges due to limited resources, sensitive mission-driven work, and developing policies and training programs. Connor Mulherin, Director and GM of Validation Services at TechSoup, will discuss the industry's need for accessible and collaborative solutions to provide affordable technology leadership and security guidance. It will highlight how nonprofit organizations can build long-term digital resilience and combat these growing challenges. Segment Resources: Interview with Mike Poole, Director of Cyber Security at Werner Enterprises In today's digital landscape, cybersecurity is not just a technical issue—it’s a business imperative. Organizations that prioritize cybersecurity culture see fewer incidents and stronger resilience against evolving threats. But how do you foster a security-first mindset across an organization? This session will explore the critical components of building and maintaining a robust cybersecurity culture, starting with executive leadership buy-in—a fundamental step in securing resources and driving organizational change. We’ll then dive into the power of monthly phishing exercises, which reinforce awareness and preparedness. Attendees will also learn how to develop effective training programs that engage employees at all levels and create lasting behavioral change. Finally, we’ll discuss the role of cybersecurity-themed events, particularly during Cybersecurity Awareness Month, as a powerful tool to capture attention and reinforce key security principles. This segment is sponsored by Oktane by Okta. Visit to learn more about them! Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/38773045
info_outline
Mitigating attacks against AI-enabled Apps, Replacing the CIA triad, Enterprise News - David Brauchler - ESW #429
10/20/2025
Mitigating attacks against AI-enabled Apps, Replacing the CIA triad, Enterprise News - David Brauchler - ESW #429
Segment 1: David Brauchler on AI attacks and stopping them David Brauchler says AI red teaming has proven that eliminating prompt injection is a lost cause. And many developers inadvertently introduce serious threat vectors into their applications – risks they must later eliminate before they become ingrained across application stacks. NCC Group’s AI security team has surveyed dozens of AI applications, exploited their most common risks, and discovered a set of practical architectural patterns and input validation strategies that completely mitigate natural language injection attacks. David's talk aimed at helping security pros and developers understand how to design/test complex agentic systems and how to model trust flows in agentic environments. He also provided information about what architectural decisions can mitigate prompt injection and other model manipulation risks, even when AI systems are exposed to untrusted sources of data. More about David's Black Hat talk: Video of the talk and accompanying slides: Talk abstract: Slide presentation only: Additional blogs by David about AI security: Analyzing Secure AI Architectures: Analyzing Secure AI Design Principles: Analyzing AI Application Threat Models: Building Security‑First AI Applications: A Best Practices Guide for CISOs: Building Trust by Design for Secure AI Applications: Tips for CISOs: AI and Cyber Security: New Vulnerabilities CISOs Must Address: Segment 2: Should we replace the CIA triad? An made us think - should we consider the CIA triad 'dead' and replace it? We discuss the value and longevity of security frameworks, as well as the author's proposed replacement. Segment 3: The Weekly Enterprise News Finally, in the enterprise security news, Slow week for funding, older companies raising via debt financing A useful AI framework from the Cloud Security Alliance two interesting essays, one of which is wrong Folks are out here blasting unencrypted data to and from Satellites, while anyone can sniff and capture it getting hacked during a job interview LLM poisoning is far easier than previously thought F5 got breached Be careful when patching your Jeep (’s software) All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/38623250
info_outline
New book from Dr. Anand Singh, why CISOs buy, and the latest news - Anand Singh - ESW #428
10/13/2025
New book from Dr. Anand Singh, why CISOs buy, and the latest news - Anand Singh - ESW #428
Segment 1 - Interview with Dr. Anand Singh We're always thrilled to have authors join us to discuss their new book releases, and this week, it is Dr. Anand Singh. He seriously hustled to get his new book, Data Security in the Age of AI, out as soon as possible so that it could help folks dealing with securing AI rollouts right now! We'll discuss why he wrote it, how he got it done so quickly, and who needs to read it. Segment Resources: Get the book on Amazon: (available in Kindle and print) Segment 2 - Topic: The reasons why CISOs buy (and the things that don't matter to them) Val Tsanev, founder of ExecWeb, part of the CyberRisk Alliance family, about how CISOs buy products. This elicited . There are many interesting insights, but the biggest and most interesting is that 76% of CISOs choose products that presents the least risk to them, personally. Career safety trumps product performance, it would seem. Segment 3 - News In the enterprise security news, Shifting Zero Cyber insurance, unlike cyber crime, doesn’t pay New AI security categories are popping up to serve Agentic and MCP servers how tech companies measure AI impact first malicious MCP server in the wild is your computer mouse listening to you? The Korean government did not follow the backup rule of three Think you’ve seen the absolute worst idea for a mobile app? Wait until you hear about Neon. We have no less than three squirrel stories involving bullets, lasers, and greasy snacks All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/38545020
info_outline
AI & IAM: Where Security Gets Superhuman (Or Supremely Stuck) - Matt Immler, Heather Ceylan, Alexander Makarov, Nitin Raina, Dor Fledel, Aaron Parecki - ESW #427
10/06/2025
AI & IAM: Where Security Gets Superhuman (Or Supremely Stuck) - Matt Immler, Heather Ceylan, Alexander Makarov, Nitin Raina, Dor Fledel, Aaron Parecki - ESW #427
At Oktane 2025, leaders from across the security ecosystem shared how identity has become the new front line in protecting today’s AI-driven enterprises. As SaaS adoption accelerates and AI agents proliferate, organizations face an explosion of human and non-human identities—and with it, growing risks like misconfigured access, orphaned accounts, and identity-based attacks. In this special Enterprise Security Weekly episode, we bring together insights from top experts: Dor Fledel (Okta) explains how teams can gain visibility into AI agents, uncover risks, and enforce appropriate access controls. Alexander Makarov (Adyen) shares how a global fintech unified and streamlined identity with Okta, improving both security and employee experience across 200+ countries. Aaron Parecki (Okta) highlights the importance of open standards—like IPSIE, MCP, and A2A—for building secure, interoperable AI ecosystems and centralized control over AI-driven interactions. Heather Ceylan (Box) discusses how Box embeds AI into workflows to enhance data protection, even for highly regulated industries. Matt Immler (Okta) offers lessons from the field on strengthening defenses with behavioral monitoring, automation, and a security-first culture to counter attackers who now “log in” instead of hacking in. Nitin Raina (Thoughtworks) warns about AI-driven social engineering—from deepfakes to multi-channel phishing—and shares practical strategies like phishing-resistant MFA, zero-trust architecture, and better employee training. From open standards to privileged access management and AI-powered defense, these Oktane 2025 conversations explore how identity-driven strategies are shaping the future of enterprise security. Segment Resources: This segment is sponsored by Oktane by Okta. Visit to learn more about them! Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/38459675
info_outline
Live interviews from Oktane 2025: threats, AI in apps, and AI in cybersecurity tools - Brett Winterford, Shiv Ramji, Damon McDougald - ESW #426
09/29/2025
Live interviews from Oktane 2025: threats, AI in apps, and AI in cybersecurity tools - Brett Winterford, Shiv Ramji, Damon McDougald - ESW #426
How identity security can keep pace with the evolving threat landscape, with Brett Winterford Today’s threat landscape has never been more complex. Malicious actors are leveraging tools like generative AI to develop more creative social engineering attacks that can have serious ramifications for businesses. Brett Winterford, VP of Okta Threat Intelligence, shares findings from his team’s most recent investigations, as well as recommendations for organizations looking to strengthen their defenses. Segment Resources How to navigate app development in the AI era with Shiv Ramji As AI reshapes how applications are built and consumed, developers and engineering leaders face a new set of challenges: enabling innovation while maintaining security. In this interview, Auth0 President Shiv Ramji will discuss the shifting landscape of application development in the AI era. He’ll discuss the shift toward developing AI agents that are secure by design and standards-first so they can thrive within an interconnected web of applications and systems. How AI agents are reshaping cybersecurity from the inside out with Damon McDougald AI is being harnessed to transform cybersecurity operations—from automating routine tasks to closing skills gaps and accelerating incident response. Damon McDougald, Global Security Services Lead at Accenture, shares how agents can cut through alert fatigue and proactively defend against threats at scale. Damon also outlines the identity risks these agents introduce—and what cybersecurity leaders must do now to secure their access and maintain control in an increasingly autonomous environment. All three segments are sponsored by Oktane by Okta. Visit to learn more! Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/38368705
info_outline
Disruption is Coming for the Vulnerability Management Market - Tod Beardsley - ESW #425
09/22/2025
Disruption is Coming for the Vulnerability Management Market - Tod Beardsley - ESW #425
Interview with Tod Beardsley This interview is sponsored by runZero. Legacy vulnerability management (VM) hasn't innovated alongside of attackers, and it shows. Let's talk about the state of VM. Check out to learn more! Topic Segment: NPM Incidents In this week’s topic segment, we’re discussing all the NPM supply chain attacks from the past 3 weeks. I recently published a roundup of these incidents . Weekly Enterprise News Finally, in the enterprise security news, funding and acquisitions are going crazy an exciting new canarytoken banks have a more sedate approach to agentic MCP security the future Subprime Code crash of 2028 is security worried about the wrong risks? botnets are back in the headlines some bs research journalists getting duped by AI Animal crossing villagers are organizing against Tom Nook All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/38300670
info_outline
Forrester's AEGIS Framework, the weekly news, and interviews with Fortra and Island - Jeff Pollard, Rohit Dhamankar, Michael Leland - ESW #424
09/15/2025
Forrester's AEGIS Framework, the weekly news, and interviews with Fortra and Island - Jeff Pollard, Rohit Dhamankar, Michael Leland - ESW #424
Segment 1 - Interview with Jeff Pollard For this episode’s interview, we’re talking to Forrester analyst Jeff Pollard. I’m pulling this segment’s description directly from the report’s executive summary, which I think says it best: As AI agents and agentic AI are introduced to the enterprise, they present new challenges for CISOs. Traditional cybersecurity architectures were designed for organizations built around people. Agentic AI destroys that notion. In the near future, organizations will build for goal-oriented, ephemeral, scalable, dynamic agents where unpredictable emergent behaviors are incentivized to accomplish objectives. This change won’t be as simple or as straightforward as mobile and cloud — and that’s bad news for security leaders who in some cases still find themselves challenged by cloud security. Segment 2 - Weekly News Then, in the enterprise security news, there’s funding and acquisitions, but we’re not going to talk about them AI’s gonna call the cops on you and everyone’s losing money on it and Anthropic agreed to pay for all the copyright infringement they did when training models and got sued for recording millions of conversations without consent Burger King got embarrassed and their lawyers didn’t like it NPM package mayhem certificate authority hijinks AI darwin awards All that and more, on this episode of Enterprise Security Weekly. Segment 3 - Executive Interviews from Black Hat 2025 Interview with Rohit Dhamankar from Fortra Live from Black Hat 2025 in Las Vegas, Matt Alderman sits down with Rohit Dhamankar, VP of Product Strategy at Fortra, to dive deep into the evolving world of offensive security. From red teaming and pen testing to the rise of AI-powered threat simulation and continuous penetration testing, this conversation is a must-watch for CISOs, security architects, and compliance pros navigating today's dynamic threat landscape. Learn why regulatory bodies worldwide are now embedding offensive security requirements into frameworks like PCI DSS 4.0, and how organizations can adopt scalable strategies—even with limited red team resources. Rohit breaks down the nuances of purple teaming, AI-assisted red teaming, and the role of BAS platforms in enhancing defense postures. Whether you’re building in-house capabilities or leveraging external partners, this interview reveals key insights on security maturity, strategic outsourcing, and the future of cyber offense and defense convergence. This segment is sponsored by Fortra. Visit to learn more! Interview with Michael Leland from Island At BlackHat 2025 in Las Vegas, Matt Alderman sits down with Michael Leland, VP Field CTO at Island, to tackle one of cybersecurity’s most urgent realities: compromised credentials aren’t a possibility — they’re a guarantee. From deepfakes to phishing and malicious browser plug-ins, attackers aren’t “breaking in” anymore… they’re logging in. Michael reveals how organizations can protect stolen credentials from being used, why the browser is now the second weakest link in enterprise security, and how Island’s enterprise browser can enforce multi-factor authentication at critical moments, block unsanctioned logins in real time, and control risky extensions with live risk scoring of 230,000+ Chrome plug-ins. Key takeaways: Why credential compromise is inevitable — and how to stop credential use How presentation layer DLP prevents data leaks inside and outside apps Real-time blocking of phishing logins and unsanctioned SaaS access Plug-in risk scoring, version pinning, and selective extension control Enabling BYOD securely — even after a catastrophic laptop loss Why many users never go back to Chrome, Edge, or Safari after switching Segment Resources: This segment is sponsored by Island. Visit to learn more! Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/38203430
info_outline
Ransomware, Agentic AI, and Supply Chain Risks: Insights from Black Hat 2025 - HD Moore, Jason Passwaters, J.J. Guy, Theresa Lanowitz, Mickey Bresman, Yuval Wollman, Jawahar “Jawa” Sivasankaran - ESW #423
09/08/2025
Ransomware, Agentic AI, and Supply Chain Risks: Insights from Black Hat 2025 - HD Moore, Jason Passwaters, J.J. Guy, Theresa Lanowitz, Mickey Bresman, Yuval Wollman, Jawahar “Jawa” Sivasankaran - ESW #423
Doug White sits down with Theresa Lanowitz, Chief Evangelist at LevelBlue, for a powerful and timely conversation about one of cybersecurity’s most pressing threats: the software supply chain. Theresa shares fresh insights from LevelBlue’s global research involving 1,500 cybersecurity professionals across 16 countries. Together, they unpack the real-world risks of software acquisition in the API economy, the explosive growth of AI-generated code, and the rise of “vibe coding”—and how these trends are silently expanding the attack surface for organizations everywhere. Visit to download the Data Accelerator: Software Supply Chain and Cybersecurity as well as all of LevelBlue's research. In this interview, Yuval Wollman, President of CyberProof, unpacks how AI agents are not only expanding the attack surface—but reshaping the entire cyber threat landscape. Discover how ransomware-as-a-service platforms like Funksec and Dragonforce are operating with enterprise-level precision. Learn about the role of agentic AI, geopolitical cyber warfare, and why today's hackers offer better customer support than airlines. This segment is sponsored by CyberProof. Visit to learn more about them! Doug White and Mickey Bresman, CEO of Semperis, dive deep into a conversation on the evolution of ransomware and the alarming rise of cyber extortion tactics. From the early days of encryption-only attacks to today's ransomware-as-a-service operations and hybrid threats blending digital and physical intimidation, this interview unpacks the growing sophistication of organized cybercrime. Mickey shares firsthand insights from Semperis’ recent ransomware report, including a chilling real-world example where a photo of a child was used to threaten an IT professional — illustrating how far threat actors are willing to go. This segment is sponsored by Semperis. Visit to download the 2025 Global Ransomware Report! Matt Alderman sits down with J.J. Guy, CEO & Co-Founder of Sevco Security, to unpack a 20-year industry failure finally being addressed: the disconnect between asset inventory, vulnerability visibility, and true cyber risk understanding. From the roots of CASM (Cyber Asset Attack Surface Management) to the convergence with CTE (Continuous Threat Exposure), JJ shares how Sevco is tackling today's fragmented environments — spanning cloud, on-prem, mobile, and containers — with a data-first approach. Would you like to see the Sevco platform in action? You can take a self-guided tour at Doug White sits down with Intel 471 CEO Jason Passwaters for an eye-opening conversation on how cybercrime has evolved into a professional, profit-driven ecosystem. From ransomware-as-a-service to agentic AI, this interview pulls back the curtain on the real-world intel enterprises need to defend against today’s most dangerous digital threats. Jason shares how threat actors are using business models that rival legitimate startups — complete with support teams and customer service — while enterprise security teams face shrinking budgets and expanding attack surfaces. This segment is sponsored by Intel471. Visit to learn more about them! CyberRisk TV sits down with HD Moore, CEO & Co-Founder of runZero, for a conversation on why vulnerability management is still failing enterprises — and what needs to change now. This interview dives deep into the real-world challenges facing security teams today: tool overload, missing assets, unauthenticated exposures, and the illusion of visibility. HD reveals how attackers are exploiting blind spots faster than defenders can react — and why unauthenticated discovery is the secret weapon defenders need. Try runZero free! Get started at Jackie McGuire sits down with Jawahar Sivasankaran, President at Cyware, for an unmissable deep dive into the future of Cyber Threat Intelligence (CTI), agentic AI, and open-source security innovation. With nearly three decades of experience spanning hands-on engineering, go-to-market leadership, and cutting-edge product strategy, Jawahar shares insider insights on how CTI is evolving from fragmented alerts to unified, automated threat intelligence platforms. To explore Cyware’s new Intelligence Suite, CTI automation capabilities, and open-source AI integration protocol, visit . Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/38105560
info_outline
Dave Lewis talks M&A due diligence, TBD topic, the weekly news - Dave Lewis - ESW #422
09/01/2025
Dave Lewis talks M&A due diligence, TBD topic, the weekly news - Dave Lewis - ESW #422
Interview with Dave Lewis on Security's Role in M&A Due Diligence In this episode, Dave Lewis from 1Password discusses the critical importance of security in mergers and acquisitions, from due diligence through integration. He explores common pitfalls, essential security assessments, and practical strategies for security leaders to protect organizational value throughout the M&A process. Topic: The Challenge of Breach Transparency Every industry concerned with safety has a process for publishing the details of accidents, incidents, and failures. Cybersecurity has yet to reach this milestone, and hiding the details of failures is holding us back. This talk will argue for the need for breach details to go public, and share strategies for finding and using some little-known sources of detailed breach data. Weekly Enterprise News Finally, in the enterprise security news, A funding, a few acquisitions, and an IPO for the first time in forever! Attackers are really actually starting to use AI now Some researcher spent all of August poking holes in all the AI tools Someone got Microsoft Copilot to be an accomplice in a coverup Microsoft is making a big change in Azure that will probably break some stuff No, Flipper Zero can’t help you steal your car (just the stuff in it) Domain names are free to register now, maybe? Disgruntled former employee goes to jail AI tricked into doing more bad things All that and more, on this episode of Enterprise Security Weekly. This segment is sponsored by 1Password. Visit to learn more about them! Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/38024390
info_outline
Oktane Preview with Harish Peri, Invisible Prompt Attacks, and the weekly news! - Harish Peri - ESW #421
08/25/2025
Oktane Preview with Harish Peri, Invisible Prompt Attacks, and the weekly news! - Harish Peri - ESW #421
Interview with Harish Peri from Okta Oktane Preview: building frameworks to secure our Agentic AI future Like it or not, Agentic AI and protocols like MCP and A2A are getting pushed as the glue to take business process automation to the next level. Giving agents the power and access they need to accomplish these lofty goals is going to be challenging, from a security perspective. How do put AI agents in the position to perform broad tasks autonomously without granting them all the privileges? How do we avoid making AI agents a gold mine for attackers - the first place they stop once they hack into our companies? These are some examples of the questions Okta aims to answer at this year’s Oktane event, and we aim to kick off the conversations a little early - with this interview! Segment Resources: Check out securityweekly.com/oktane for all our live coverage during the event this year! More information about the event and how you can attend can be found here: Topic - Indirect Prompt Injection Getting Out of Hand Reports of indirect prompt injection issues have been around for a while. Of particular note was Michael Bargury's presentation from Black Hat USA 2024. Simply sending an email to a Copilot user could make bad stuff happen. Now, at Black Hat 2025, we've got more: the ability to plunder any data resource connected to ChatGPT (they call these integrations "Connectors") from Tamir Ishay Sharbat at Zenity Labs. The research is titled . Looks like Google Jules is also vulnerable to what the Embrace the Red blog is calling . Sourcegraph's Amp Code , which encodes instructions to make them invisible. What's really going to ruffle feathers is the fact that all these companies know this stuff is possible, but don't seem to be able to figure out how to prevent it. Ideally, we'd want to be able to distinguish between intended instruction and instructions injected via attachments or some other means outside of the prompt box. I guess that's easier said than done? News Finally, in the enterprise security news, Drones are coming for you… to help? One of the most powerful botnets ever goes down Phishing training is still pointless Microsoft sets an alarm on its phone for 8 years from now to do post-quantum stuff vulns galore in commercial ZTNA apps GenAI projects are struggling to make it to production Adblockers could be made illegal - in Germany Windows is getting native Agentic support Automating bug discovery AND remediation? Public service announcement: time is running out for Windows 10 All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/37923830
info_outline
Rethinking risk based vulnerability management, Black Hat expo insights, and the news - Snehal Antani - ESW #420
08/18/2025
Rethinking risk based vulnerability management, Black Hat expo insights, and the news - Snehal Antani - ESW #420
Interview with Snehal Antani - Rethinking Risk-Based Vulnerability Management Vulnerability management is broken. Organizations basically use math to turn a crappy list into a slightly less crappy list, and the hardest part of the job as a CIO is deciding what NOT to fix. There has to be a better way, and there is... Segment Resources: This segment is sponsored by Horizon3.ai. Visit to learn more about them! Topic - Andy Ellis's Black Hat Expo Experience Andy Ellis visited every booth at Black Hat. Every. Single. One. He wrote up what he learned and we discuss his findings! News Finally, in the enterprise security news, Tons of handy new and free tools! is cybersecurity really at the latter stages of consolidation? new books is our obsession with risk quantification hurting our credibility? AI trends is there an impending AI layoff-pocalypse? we explain the kids’ favorite new term: Clanker All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/37842440
info_outline
ESW at BlackHat and the weekly enterprise security news - ESW #419
08/11/2025
ESW at BlackHat and the weekly enterprise security news - ESW #419
Topic Segment - What's new at Black Hat? We're coming live from hacker summer camp 2025, so it seemed appropriate to share what we've seen and heard so far at this year's event. Adrian's on vacation, so this episode is featuring Jackie McGuire and Ayman Elsawah! News Segment Then, in the enterprise security news, Tons of funding! SentinelOne picks up an AI security company weeks after Palo Alto closes the Protect AI deal Vendors shove AI agents into everything they’ve got Why SOC analysts ignore your playbooks NVIDA pinkie swears to China: no back doors! ChatGPT was allowing shared chat sessions to be indexed and crawled by search engines like Google Who is gonna secure all this vibe code? Who is gonna triage all these hallucinated bug reports? Perplexity and Cloudflare duke it out When you try to scrub your shady past off the Internet, it might just make things worse. All that and more, on this episode of Enterprise Security Weekly. Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/37757965
info_outline
Weekly Enterprise Security News and Tips on Building Security From Day 1 - Guillaume Ross - ESW #418
08/04/2025
Weekly Enterprise Security News and Tips on Building Security From Day 1 - Guillaume Ross - ESW #418
The Weekly Enterprise News (segments 1 and 2) This week, we’ve had to make some last minute adjustments, so we’re going to do the news first, split into two segments. This week, we’re discussing: Some interesting funding Two acquisitions - one picked up for $250M, the other slightly larger, at $25 BILLION Interesting new companies! On the 1 year anniversary of that thing that happened, Crowdstrike would like to assure you that they’re REALLY making sure that thing never happens again Flipping the script How researchers rooted Copilot, but not really talks to check out at Hacker Summer Camp detection engineering tips the Cloud Security Alliance has a new AI Controls Matrix sending in the National Guard to handle a breach! and how to read an AI press release Interview: Guillaume Ross on Building Security from Scratch Guillaume shares his experiences building security from scratch at Canadian FinTech, Finaptic. Imagine the situation: you're CISO, and literally NOTHING is in place yet. No policies, no controls, no GRC processes. Where do you start? What do you do first? Are there things you can get away with that would be impossible in older, well-established financial firms? Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/37642675
info_outline
tj-actions Lessons Learned, US Cyber Offense, this week's enterprise security news - Dimitri Stiliadis - ESW #417
07/28/2025
tj-actions Lessons Learned, US Cyber Offense, this week's enterprise security news - Dimitri Stiliadis - ESW #417
Interview Segment - Lessons Learned from the tj-actions GitHub Action Supply Chain Attack with Dimitri Stiliadis Breach analysis is one of my favorite topics to dive into and I’m thrilled Dimitri is joining us today to reveal some of the insights . It isn’t an overstatement to say that some of the lessons to be learned from this incident represent fundamental changes to how we architect development environments. Why are we talking about it now, 4 months after it occurred? In the case of the Equifax breach, the most useful details about the breach didn’t get released to the public until 18 months after the incident. It takes time for details to come out, but in my experience, the learning opportunities are worth the wait. Topic Segment - Should the US Go on the Cyber Offensive? Triggered by , the discussion of whether the US should launch more visible offensive cyber operations starts up again. There are a lot of factors and nuances to discuss here, and a lot of us have opinions here. We'll see if we can do any of it justice in 15 minutes. News Segment Visit for all the latest episodes! Show Notes:
/episode/index/show/eswaudio/id/37551035