Security Weekly Podcast Network (Audio)
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and breaking news on the latest hacking techniques, vulnerabilities, and industry trends. Stay informed and secure with the most trusted voices in cybersecurity!
Tomato, JDownloader, TempPCP, Bad Vibes, Dirty Frag, Giedi Prime, Aaran Leyland... - SWN #580
05/12/2026
Tomato, JDownloader, TempPCP, Bad Vibes, Dirty Frag, Marketing, Shai Haluds, Giedi Prime, Aaran Leyland, and More on the Security Weekly News. Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/41269545
Why Basic Security Practices Still Work - Rob Allen - ASW #382
05/12/2026
If you have to ditch your entire appsec strategy because you expect 2026 to bring more vulns more quickly, then you probably didn't have a good strategy in the first place. Rob Allen shares how the mentality of "assume breach" doesn't have to be a defeatist attitude and can instead be a way to change a catastrophic breach into a more contained one. We also talk about proactive security and what an "avoid breach" attitude could look like, including how to apply the macro lessons of default deny and network isolation to writing secure code. Resources This segment is sponsored by ThreatLocker. Visit to learn more about them! Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/41253880
The impact of Mythos and Florida Man, confidence gaps, phishing, & AI adoption - Chris Wallis, Deepen Desai, Erich Kron - ESW #458
05/11/2026
The Weekly Enterprise News This week, in the enterprise security news, Copy Fail The hits keep coming for CVE, NIST and NVD Cyber attacks on breathalyzers insurance carriers pulling support for AI Florida Man pleads guilty ignore the humanities at your own peril offense and defense don’t scale the same is it okay to be left behind? scientists gave cocaine to salmon Mind the Gap: Confidence, AI, and the Future of Exposure Management Former ethical hacker, now founder and CEO of Intruder, Chris Wallis explores whether AI can bridge the divide between finding vulnerabilities and understanding real-world attack context as exploit windows continue to shrink. This conversation dives into the structural "confidence gap" uncovered in Intruder’s 2026 Security Middle Child Report, where executive risk appetite is increasingly decoupled from front-line operational reality. Check out Intruder’s Security Middle Child Report at . Modern Phishing Attacks Are Under Multi-Channel Siege Recently, there has been a shift in cybercriminals’ behavior, marked by a surge in total phishing attack volume. These attacks are fueled by high-scale automation and a coordinated multi-channel siege targeting corporate collaboration tools. Trusted platforms such as email, Teams, calendars and others are in the cross-hairs, bypassing traditional phishing methods that have worked in the past. This segment is sponsored by KnowBe4. Visit to learn more about them! AI is Now Default Enterprise Accelerator The Zscaler ThreatLabz 2026 AI Security Report reveals that enterprise AI adoption has surged by up to 93% year-over-year, yet 100% of tested AI environments remain vulnerable to breaches that can occur in as little as 16 minutes. It highlights a dangerous shift toward "machine-speed" threats, where attackers use generative AI to automate data exfiltration and create sophisticated deepfakes. 
To combat these risks, the report urges organizations to move beyond simple blocking and instead implement a Zero Trust architecture for safe, AI-native data protection. This segment is sponsored by Zscaler. Visit to learn more about them! Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/41220955
Canvas, Shai-Hulud, QuasarRat, 0Days, Anthropic, Aaran Leyland, and EU Compliance! - SWN #579
05/08/2026
Canvas, Shai-Hulud, QuasarRat, 0Days, Anthropic, Aaran Leyland, and EU Compliance and more! Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/41220615
Getting Rid of Your VPN - Rob Allen - PSW #925
05/07/2026
Rob Allen from ThreatLocker joins us to discuss the risks associated with VPN appliances and how to implement better security solutions that don't leave you hanging out on the open Internet. The interview segment is sponsored by ThreatLocker. Visit to learn more about them! In the Security News: Less details about the FCC router ban Canary traps that work Hacking trains and getting arrested You can be an adult if you have a mustache cPanel is being exploited Pro-Iran group takes down Ubuntu Anthropic's new security solution Safe AI Agents and other lies People still use screensavers? CISA and operating for weeks or months in isolation Paramiko issues fixes Find security research Copy/Fail and AI slop debate ESP32 simulator Spotting vibe coded malware Fast16 - Stuxnet before Stuxnet Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/41209725
Teach to Sell and Two Interviews from RSAC 2026 from Dropzone AI and Microsoft - Dan Rochon, Arunesh Chandra, Edward Wu - BSW #446
05/06/2026
As security leaders, we are continuously selling, maybe not as traditional sales folks, but as selling security across the organization. Whether you’re closing client deals, leading a team, running a business, or simply wanting your voice to be heard by other executives or the board, we are selling. How can influence help? Dan Rochon, Author of Teach to Sell, joins Business Security Weekly to discuss psychology of influence, personal transformation, and how to build trust that converts. Dan will cover the four pillars from his book: Believe (in Yourself) Find Business Build an Organization to Scale Leadership And how they will help you overcome self-doubt, communicate confidently, and build careers that serve your life—not consume it. Segment Resources: Teach to Sell Book: No Broke Months Podcast: The Agentic SOC: Autonomous AI Analysts at Machine Speed SOC teams are overwhelmed with the sheer number of alerts and have historically been reactive. Edward will discuss how Dropzone’s Agentic SOC deploys autonomous AI agents that investigate every alert, respond to emerging threats, and proactively hunt attackers - without a human bottleneck. He’ll explain how agent collaboration, deep recursive investigations, and self-agency expand SOC capacity by 10x without additional headcount. This segment is sponsored by Dropzone AI. Visit to learn more about them! Browser in the AI Era: Apply Controls Where the Work Happens The browser has become the primary gateway to work, data, and AI. In this episode, we talk about why security and IT teams are rethinking the role of the browser and what sets Edge for Business apart as a secure, enterprise-ready solution. We’ll cover how built-in security, native integration with existing IT tools, and centralized management can simplify operations, reduce risk, and support modern work across managed devices, BYOD, and contractors. A must listen for IT pros and security experts navigating browser sprawl and AI adoption. 
This segment is sponsored by Microsoft. Visit to learn more about them! Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/41165710
Zino, 0auth, VSS, Mental Health Hackers, 3 Days of KEV, Copy/Fail, AI, Aaran Leyland - SWN #578
05/05/2026
Zino of Citium, 0auth, VSS, Mental Health Hackers, 3 Days of the CISA, Copy/Fail, AI Gone Wild, Aaran Leyland, and More on the Security Weekly News. Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/41167690
Keeping Up With the OWASP GenAI Project - Scott Clinton - ASW #381
05/05/2026
Speed is the most common theme among developers and appsec teams working with LLMs and agents, from trying to keep up with patterns for deploying agents to dealing with more code faster to how the latest models impact code quality and security. The OWASP GenAI Project is helping organizations keep up with the speed of those changes and engaging the appsec community for sharing effective ways to keep systems secure. Scott Clinton shares the latest progress on the project, its roadmap for the year, and how appsec practitioners can shape its future. Resources: This segment is sponsored by The OWASP GenAI Security Project. Visit to learn more about them! Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/41149190
Post Quantum Migration Struggles, AI Threats, and Modern Defenses - HD Moore, Ramin Farassat, Eyal Benishti, Daniel dos Santos, Bobby Ford - ESW #457
05/04/2026
Interview with Daniel dos Santos: Post-Quantum Cryptography and the Risks No One Is Talking About Post-quantum cryptography (PQC) is quickly shifting from theory to inevitability. In this segment, Daniel dos Santos, VP of Research at Forescout, explains why PQC isn’t the most immediate threat today—but still demands early attention as standards solidify and timelines accelerate. The discussion highlights overlooked risks beyond encrypted traffic, including digital signatures, firmware integrity, and blockchain systems. Daniel also emphasizes the real challenge: migration. While client-side adoption is already underway, organizations face major hurdles identifying and upgrading servers, legacy systems, and unmanaged assets like IoT and OT. The bottom line: PQC migration is unavoidable. Starting early—especially with crypto inventory and planning—will make the transition far less painful. RSAC Interview: Multi-Channel Impersonation: Why Legacy Controls Are Failing As social engineering expands past just email to include text messages, chat apps, social platforms, and live video calls, traditional point solutions are struggling to keep up. In this segment, Bobby Ford explains how AI-powered impersonation and deepfake-enabled campaigns are exposing critical gaps in legacy defenses, and why organizations must evolve toward a unified social engineering defense platform that connects Digital Risk Management and Human Risk Management. He’ll outline what modern security programs need: real-time cross-channel visibility, behavior-driven detection, and strategies designed around how people actually communicate and make decisions today. Visit to learn how Doppel helps organizations defend against AI-powered impersonation, phishing, and multi-channel social engineering threats with a modern Human Risk Management approach. 
RSAC Interview: OT: Segmented Today, Breached Tomorrow As the worlds of IT and OT converge, traditional network segmentation falls short, exposing risks in the critical environments that keep energy flowing and shelves stocked. Conventional security tools fail to identify these gaps, with serious repercussions for operators. At runZero, we empower defenders to win by default through comprehensive discovery, rapid detection of critical exposures, and unique segmentation analysis that does not depend on span ports, credentials, or on-device agents. runZero provides real-time insights into even the most sensitive environments — quickly, safely, and securely. This segment is sponsored by runZero. Visit to learn more about them! RSAC Interview: Securing the Next Billion Users: Why the Browser is the Front Line for Agentic AI The enterprise is facing a fundamental shift: the next billion knowledge workers will not be human, they will be AI agents. While these agents offer exponential productivity, they operate at machine speed without human guardrails like MFA or skepticism, creating a massive security blind spot. Ramin Farassat discusses the "Agentic Paradox" and how a new approach to browser security is required to provide architectural immunity for the modern, hybrid workforce of both humans and agents. Learn more about how Menlo Security protects both humans and agents at . RSAC Interview: The Threat Curve Has Reset: Why AI Made “Solved” Attacks Dangerous Again AI hasn’t just evolved cyberattacks—it has reset the threat curve entirely. New research shows that even “solved” problems like phishing and business email compromise are immature and dangerous again, with attackers using AI and autonomous agents to launch hyper-personalized, multi-channel attacks at scale. This session explores what Phishing 3.0 really means for security leaders—and why defending trust now requires a fundamentally new approach. This segment is sponsored by IRONSCALES. 
Visit to learn more about them! Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/41122445
DOS, Seneca the Younger, Outlook, CopyFail, cPanel, QR, Ruby, Go, Talkie, Josh Marpet - SWN #577
05/01/2026
DOS, 0x1A4, Seneca the Younger, Outlook, Copy/Fail, cPanel, QR, Ruby, Go, Talkie, Josh Marpet, and More on this episode of the Security Weekly News. Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/41120300
FIRESTARTER - PSW #924
04/30/2026
This week in the security news: Are you a FIRESTARTER? Eavesdropping via fiber-optic cables Copy Fail - more Linux LPE Github RCE Running Linux on a PS5 BadUSB tricks SilentGlass and HDMI threats Sonicwall and vague details Universities are for porn? The Banshee Before CVEs comes scanning Vendor addresses AirSnitch GitHub and not serious work Routers have country-specific backdoors Phones with Hotspot are fine Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/41078015
The Next Frontier: Autonomous Security and RSAC Interviews from Quantro & SandboxAQ - Marc Manzano, Mark Hughes, Mehul Revankar - BSW #445
04/29/2026
Attackers are increasingly weaponizing frontier models to accelerate the entire attack lifecycle, with current and emerging models reducing the time and expertise needed to start disruptive attacks. As offensive capabilities become more automated and agentic, organizations will need security programs that are equally autonomous, coordinated and continuous. But where do you start? Mark Hughes, Global Managing Partner, Cybersecurity Services at IBM, joins Business Security Weekly to discuss autonomous security, the next frontier of cybersecurity services. IBM recently announced IBM Autonomous Security, a separate service that uses AI agents to analyze software exposures and runtime environments. Mark will discuss the fears and hype of AI and how agentic AI agents can identify paths in an enterprise security environment that can be exploited, improve cyber hygiene, and enforce security policies. As frontier models, like Mythos, accelerate attacks, security programs need to respond with speed, at scale, to drive the right business outcomes. AI Agents for Vulnerability Management Introducing Quantro Security, Inc., a new agentic AI solution bringing AI agents to vulnerability management. The company is focused on applying agentic AI to help address modern security challenges. In this interview, we’ll learn more about Quantro Security, Inc., its approach, and what this new solution means for the future of vulnerability management. This segment is sponsored by Quantro Security. Visit to learn more about them! The Guardrails are Gone: The Onus for AI Security Is On the Enterprise AI model providers are increasingly stepping back from enforcing guardrails, putting the responsibility for AI security squarely on enterprises. But most organizations don't yet have the visibility to meet that responsibility, facing a blind spot across the broader ecosystem of AI systems already operating in their environments. 
Closing that gap requires unified visibility across both AI systems and the cryptographic infrastructure they touch, so security teams can assess risk and act on it in one place. Visit to discover how enterprises are taking control of their AI security with AQtive Guard AI-SPM by SandboxAQ. Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/41052410
Elfsmasher, PYPI, Facebook, Glassworm, Medtronic, OpenSSH, Sararimen, Aaran Leyland - SWN #576
04/28/2026
Elfsmasher, PYPI, Facebook, Glassworm, Medtronic, OpenSSH, Entrepreneurs, Sararimen, Aaran Leyland, and More on the Security Weekly News. Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/41052745
Top 10 Web Hacking Techniques of 2025 and a Hint for 2026 - James Kettle - ASW #380
04/28/2026
Portswigger's list of web hacking techniques is a long-running celebration of curiosity and research from the web hacking community. James Kettle shares his thoughts on the entries from 2025 and how he expects LLMs and agents to influence what the list will look like for next year. He also shares some insights on using LLMs for his own blackbox research, giving us a peek into the work he'll be sharing at Black Hat USA this summer. Resources Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/41036520
Rethinking Security from the OS Up in the Age of AI and more RSAC 2026 Interviews - Karen Heart, Sachin Jade, Phil Calvin, Craig Sanderson, Travis Wong - ESW #456
04/27/2026
Rethinking Security from the OS Up in the Age of AI Karen Heart discusses a file-system–first approach to security, arguing that most modern attacks—including ransomware and supply chain compromises—succeed because they inherit user permissions and operate inside overly trusted system structures. She explains how limiting file access, socket (network) access, and privilege escalation at the operating system level can reduce entire classes of attacks. Rather than relying on reactive detection, her approach emphasizes immutable, allowlisted controls embedded close to the kernel layer, designed to prevent both data exfiltration and malicious code execution at the source. The conversation also explores how AI agents and contractors expand the attack surface, reinforcing the need for strict isolation, backup protection, and deterministic system boundaries. Segment Resources: The New Era of DNS Resilience: Breaking down the newly finalized NIST SP 800-81 Craig Sanderson from Infoblox will dive into the newly finalized NIST SP 800-81 as it marks a pivotal shift in DNS security, emphasizing resilience through modernized practices tailored for today’s distributed, cloud-driven, and threat-laden environments. This update provides actionable guidance for organizations to strengthen DNS infrastructure against evolving threats like ransomware and data exfiltration, while prioritizing initiatives like DNSSEC, encryption, and protective DNS for immediate risk reduction. This segment is sponsored by Infoblox. Visit to learn more about them! Agentic AI and the Future of Threat Intelligence Operations Security teams collect large volumes of threat intelligence but often struggle to translate that information into coordinated operational response. This discussion explores how organizations are embedding intelligence directly into security workflows and introducing AI agents to support investigation, enrichment and response. 
Sachin will discuss Cyware’s Agentic Fabric approach and the evolution toward an agent-centric model, where a portfolio of specialized agents assists analysts across threat intelligence, detection engineering and response workflows. The conversation will focus on how AI can support security teams while maintaining human oversight and operational control. This segment is sponsored by Cyware. Visit to learn more about them! Beyond the Audit: Making Cyber Risk Continuous, Quantified, and Actionable Most companies assess cyber risk once a year and call it done — but for organizations managing dozens of subsidiaries or portfolio companies, that's a costly blind spot. In this RSA interview, Resilience's VP of Customer Engagement explores why measuring risk in dollars (not color-coded charts) changes the conversation at the board level, and why the organizations best positioned to prevent losses are the ones treating cyber risk as a continuous discipline rather than an annual exercise. See it in action. Request a demo at . Delinea: Redefining Identity Security for the Agentic AI Era As enterprises scale agentic AI and automation, privileged access is increasingly required by non-human identities (NHIs) that operate autonomously across hybrid and cloud-native environments, introducing risks that static, credential-based models were never designed to govern. Delinea's recent acquisition of StrongDM. This segment is sponsored by Delinea. Visit to learn more about them! Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/41010640
Scylla & Charybdis, Kyber, Trigonia, Namastex, GitHub, Crypto, Cables, Aaran Leyland - SWN #575
04/24/2026
Scylla and Charybdis, Latin Phrasebook, Kyber, Trigonia, Namastex, GitHub, Crypto, Cables, Aaran Leyland, and More on this episode of the Security Weekly News. Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/41008735
Back to (or Start) Fundamentals? - Rajesh Khazanchi - PSW #923
04/23/2026
This week: Larry’s in the host seat and chaos ensues. We dig into: A very questionable story about tracking a warship with a $5 Bluetooth tracker Serial-to-IP devices quietly sitting in critical infrastructure… and full of holes New York regulators mandating MFA and asset inventory—aka CIS Control #1 is now breaking news A ransomware negotiator who decided to double-dip (and landed in prison) “Brand new” hard drives that come preloaded… with someone else’s data The Vercel breach: no zero-day, just shadow IT, stolen tokens, and bad decisions AI-driven vulnerability discovery and the looming “vulnpocalypse” Quantum crypto debates: real threat or just another security boogeyman? Mirai is STILL alive—because apparently we still don’t patch routers And yes… Flipper Zero makes an appearance (no, you’re not hacking airplanes… calm down) Then, we rebroadcast an interview from RSAC. Breach Readiness for Measurable Risk Reduction in the Age of AI Cyber leaders no longer debate whether a breach will occur. What has changed is the speed and scale at which AI now enables those breaches. The real question is how far an attacker can move once inside. In this conversation, Rajesh Khazanchi explores why breach readiness, including AI-assisted containment, measurable blast radius reduction, and pervasive microsegmentation, has become mission-critical for business continuity in 2026. This segment is sponsored by ColorTokens. Visit to learn more about them! Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/40993910
From Shame to Fame: Changing Behaviors and RSAC Interviews from Tanium and Illumio - Andrew Rubin, Craig Taylor, Tim Morris - BSW #444
04/22/2026
Why have security awareness training programs failed? Maybe we need to understand human psychology. Humans don't like tricks, or to be shamed, or negative emotions. Humans want to be rewarded, but yet our training and phishing programs are not built for reward. Maybe it's time to rethink cyber literacy. Craig Taylor, CEO and Co-founder at CyberHoot, joins Business Security Weekly to discuss why we need to shift our Cyber Literacy industry from shame and punishment towards gamification, positive reinforcement, and small rewards. If we truly aspire to change behaviors, then we need a different approach. Craig will discuss how a multi-disciplinary approach rooted in science is the future of training and phishing programs. Segment Resources: Individual Registration (Free Personal Training for Life): Newsletter Registration: Blog Articles: Cybrary (Library of 1000+ Cybersecurity Terms in non-technical language): Special Podcast Offer: 20% off CyberHoot for 1 year using the podcast’s unique coupon code: "Business Security Weekly" From Reactive to Autonomous: Real-Time Endpoint Intelligence in the Age of AI As organizations experiment with agentic AI and autonomous security operations, many are discovering a difficult reality: AI is only as effective as the data and visibility behind it. Yet most enterprises still struggle to answer basic questions about their endpoints in real time. In this conversation, we’ll explore how IT and security teams are evolving from reactive operations toward proactive, preventative, and ultimately autonomous models. The journey begins with real-time endpoint intelligence—the ability to see, understand, and act across every endpoint in seconds. This segment is sponsored by Tanium. Visit to learn more about them! Hard Truths: The Lies We Keep Buying in Cybersecurity Cybersecurity isn’t broken because of a lack of technology—it’s broken because the industry avoids hard truths. Fear still drives budgets. 
AI is oversold as a cure‑all while foundations remain weak, and CISOs are held accountable without the authority to change outcomes. In this conversation, Illumio CEO and founder Andrew Rubin breaks down what must change to build real resilience—because the next breach won’t just impact the business, it could end a career. For more information about Illumio, please visit: Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/40956495
Robosawmill, Gentleman, Vercel, GitHub, Claude, RS232, Josh Marpet, and More... - SWN #574
04/21/2026
Robosawmill, Gentleman, Vercel, GitHub, Claude, RS232, Josh Marpet, and More on the Security Weekly News. Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/40962320
The Human Aspect of Red Teams - Brian Fox, Tom Tovar, T. Gwyddon 'Data' Owen - ASW #379
04/21/2026
Red team exercises set goals to see if a particular outcome can be accomplished through a simulated attack, but the ultimate outcome should be educating the org about how to improve tools and processes that make attacks more difficult to succeed. Gwyddon "Data" Owen shares his experience building a red team, creating an exercise, and leveraging the results to improve security. And while the adoption of LLMs will accelerate a red team's activities, there are still plenty of foundational security controls that orgs can establish that would require a red team to be more than just fast, but fast and very careful. Coding Agents Are Getting More Cautious, But Not Safer A new study finds that while frontier AI coding models are hallucinating less than they did a year ago, they still preserve a significant amount of avoidable software risk when left ungrounded. Sonatype’s research shows that connecting these models to real-time software intelligence dramatically improves remediation quality and reduces critical and high-severity vulnerability exposure by 60–70%. The takeaway is clear: safer AI-assisted development will depend not just on better models, but on grounding them in accurate, current dependency and vulnerability data. This segment is sponsored by Sonatype. Read the study: How We Achieve Agentic Outcomes in CyberSecurity: The “Do-It-For-Me” Mobile Defense If you look at deepfakes, synthetic identity, social engineering, and new malware variants coming to market, it seems like attackers have a first-mover advantage in using AI. The volume and variety of threats are growing faster than the current cyber stack can address. Against this backdrop, organizations are moving away from “do-it-yourself” delivery models (more tools, more alerts, more headcount) to “do-it-for-me” agentic AI delivery models (using platforms that unify data, execute policy, and automate outcomes). 
The emphasis outside of cyber is on empowering the expert human-in-the-loop — so teams spend less time in the noise and more time delivering business outcomes. This segment explores how cybersecurity leaders can make the most of the AI Age, leveraging it for good while staying relevant amid the explosive AI adoption curve. This segment is sponsored by Appdome. Visit to learn more about them! Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/40947070
Making AI actually work in the enterprise and more RSAC Conference 2026 interviews - Camellia Chan, Aamir Lakhani, Jim Spignardo, Jody Brazil, Ely Abramovitch - ESW #455
04/20/2026
Interview with Jim Spignardo What does it take to build AI workflows that work? Why do so many fail? Jim isn’t a typical ESW guest. I think it’s essential for security folks to regularly step outside the security bubble and understand other perspectives and mindsets. That’s what we’re doing today with Jim. He specializes in building custom AI architecture and workflows for his clients. We discuss the state of AI in the enterprise and why so many of these efforts fail. We’ll discuss the elements of AI success and whether security plays a role in helping AI efforts succeed or contribute to failures. Segment Resources: RSAC Exec Interviews, Part 1 Trends Revealed in Fortinet’s FortiGuard Labs 2026 Global Threat Landscape Report Fortinet’s Global Director of Threat Intelligence and Adversarial AI Research explores the trends revealed in the latest Global Threat Landscape Report from FortiGuard Labs, including a surge in AI-enabled cybercrime. As AI optimizes and accelerates attack techniques, here’s how cyber defenders should respond. This segment is sponsored by Fortinet. Visit to learn more about them! X-PHY Delivers Hardware-Enforced Security for the Age of AI Agents Camellia Chan, CEO and Co-Founder of X-PHY, discusses how Model Context Protocol (MCP) is making it easier for AI agents to plug into enterprise apps and operate with elevated permissions—creating new opportunities for attacks and data exfiltration. She explains how X-PHY’s hardware-enforced monitoring and detection sit beyond the OS trust boundary to enforce immutable limits on what agents can do and stop threats before data is lost, so organizations can adopt agentic AI with confidence. Security leaders looking to deploy AI agents safely can request a demo or briefing with X-PHY at . 
RSAC Exec Interviews, Part 2
Introducing Legion Investigator: Goal-Oriented AI Investigations
Traditional security playbooks often fail because they cannot capture the fluid, context-dependent reasoning required when a routine investigation hits a non-scripted "judgment point." Legion Investigator addresses this gap by employing goal-oriented AI agents that move beyond rigid scripts to interpret findings and execute complex, multi-step investigations based on your team's unique environment and expertise. By bridging the divide between automated execution and human-level reasoning, the platform ensures that every alert (no matter how unpredictable) is handled with the depth and consistency of a senior analyst. This segment is sponsored by Legion Security. Visit to learn more about them!
The Missing Layer in Zero Trust: The Security Policy Control Plane
Zero Trust has become the dominant security architecture for hybrid and cloud environments, but many organizations are discovering that deploying enforcement technologies alone does not deliver operational control. Firewalls, cloud security groups, and microsegmentation platforms enforce access decisions, yet the policies behind those controls are often fragmented, difficult to validate, and constantly changing. In this conversation, FireMon CEO Jody Brazil discusses why modern security architectures increasingly require a security policy control plane: a layer that continuously validates how policy is enforced across firewalls, cloud networks, and segmentation platforms. The discussion explores why policy drift occurs in real environments, how enforcement systems become difficult to coordinate at scale, and what organizations must do to ensure Zero Trust policies remain consistent as infrastructure evolves. This segment is sponsored by FireMon. Visit to learn more about them!
Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/40915305
Dougbot, RedSun, ATHR, Vishing, Cisco, Google, Chrome, Severance, Shor, Josh Marpet.. - SWN #573
04/17/2026
Dougbot, RedSun, ATHR, Vishing, Cisco, Google, Chrome, Severance, Shor, Josh Marpet, and More on this episode of the Security Weekly News. Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/40915575
The AI "Vulnpocolypse" Is Real? - PSW #922
04/16/2026
This week: CSA issues guidance to CISOs on Mythos; Vuln management woes; Windows tells you about Secure Boot; AI-assisted firmware vuln hunting; The dumbest hack; Edge decay and the failing perimeter; Mac OS X on a Wii; Little snitch comes to Linux; CPUID served malware; Buying plugins to backdoor them; Addicted to hacking; Is Mythos just a sales pitch?; We are still talking about Adobe Acrobat vulns; A single line AI jailbreak; Hacking Apple Intelligence; Don't leave your ICS device or RDP exposed to the Internet! Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/40904195
Not All CISO Gigs Are Created Equal and RSAC Interviews from ESET and Mimecast - Rob Juncker, Joanna Chen, Tony Anscombe - BSW #443
04/15/2026
So you want to be a CISO? Do you know what that role entails? It depends on a number of factors, including industry, country location, technical vs. business, and more. Each position is more different than you think. Joanna Chen, Chief Information Security Officer at Dashlane, joins Business Security Weekly to discuss why not all CISO gigs are created equal. As a "technical" CISO in a foreign country, Joanna realized that not all of her peers came from a technical background, like herself. It's a broad world and the CISO role varies a lot. Joanna will discuss how to understand the various CISO roles and discuss the skills that are makers and breakers.
Managing Cyber Risk as Financially Motivated Attacks Grow
The ransomware and eCrime landscape continues to evolve at a rapid pace. ESET’s global research team has been closely following ransomware gang disruptions and their use of EDR Killers to disable cybersecurity tools. In this interview, Tony Anscombe will take a look into recent research, and explore how the industry and businesses are responding to combat financial risk and mitigate threats. This segment is sponsored by ESET. Visit to learn more about them!
Attack Surface Just Got a Copilot
AI adoption is accelerating faster than most organizations can secure it — and the consequences are showing up in email inboxes, collaboration platforms, and the shadow tools employees use every day. According to Mimecast's State of Human Risk 2026, 80% of organizations are concerned about sensitive data exposure through generative AI tools, yet 60% still lack strategies to address AI-driven threats. The result is a growing gap between the security investments organizations are making and the protection they're actually getting. In this conversation, Rob Juncker will explore why human behavior has become the defining variable in enterprise cybersecurity, how shadow AI is creating new data exposure and insider risk vectors, and what it takes for security architectures to adapt in real time — without slowing down the business. This segment is sponsored by Mimecast. Visit to learn more about them!
Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/40870820
Zuckbot, Rockstar, Klaude, Browsers Galore, Microsoft 365, ATC, Kieran Human and more - Kieran Human - SWN #572
04/14/2026
Amish Conversion, Zuckbot, Rockstar, Klaude, Browsers Galore, Microsoft 365, Outlook Lite, Air Traffic Control, Kieran Human, and More on the Security Weekly News. Segment Resources: This segment is sponsored by ThreatLocker. Visit to learn more about them! Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/40877805
Securing Software's Journey with the OWASP SPVS - Ido Geffen, Rohan Ravindranath, Cameron W., Farshad Abasi - ASW #378
04/14/2026
It's one thing to write secure code; it's another to release it into the wild. That code needs to be designed, built, tested, released, and maintained. Farshad Abasi and Cameron Walters explain how the OWASP Secure Pipeline Verification Standard picks up from where ASVS left off, how it complements other supply chain security efforts like SLSA, and why they updated it with explicit coverage for AI. They show what goes into making a project relevant and -- most importantly -- successful at defending against how supply chains are attacked. They're also looking for more feedback and participation! If you build software packages, consume software packages, or have an interest in helping organizations stay secure, check it out!
Resources -- The Story Behind OWASP SPVS
Zero Trust That Actually Ships: Moving From Strategy Decks to Real Security
Most enterprise organizations have been working at Zero Trust for years and fail to deliver truly secure environments. Rohan Ravindranath shares insights that Zappsec has gained from guiding the global teams that are succeeding at protecting their orgs. Discover the common pitfalls so you can deploy a solution that works. This segment is sponsored by Zappsec. Visit to learn more about them!
Cloning Attacker Tradecraft: Why AI Pentesting is Becoming Essential
Enterprises ship code continuously, but most security validation still happens in snapshots. Novee CEO and co-founder Ido Geffen explains what “AI penetration testing” means, why it’s different from automated scanning, and why it’s becoming essential as attackers adopt AI to move faster. He breaks down what separates best-in-class AI pentesting: operator-like reasoning across real environments, validated exploitability, and the ability to uncover business logic flaws and multi-step attack chains. Ido covers the technology behind Novee’s AI penetration tester: a proprietary LLM model, built independently of “frontier” LLMs (like Claude, ChatGPT, Cursor, etc.), and consistently outperforming them at browser exploitation tests. Finally, he shares what buyers should demand in a live evaluation and how continuous retesting closes the loop after fixes ship. This segment is sponsored by Novee Security. See what your attackers already know at .
Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/40860630
We catch up on the news, including AI vuln hunting; also more RSAC interviews! - John Wilson, Mark Lambert, Georges Bossert, Samuel Hassine - ESW #454
04/13/2026
Segment 1: We cover the weekly enterprise news!
Segment 2: RSAC interviews from ArmorCode and Filigran
ArmorCode: AI Exposure Management and Governing Shadow AI
AI is moving faster than most governance models can keep up. As organizations race to adopt new AI tools, developer workflows, agents and MCP servers, security leaders must enable innovation without losing control over risk, accountability and oversight. In this segment, ArmorCode will discuss its new AI Exposure Management (AIEM) solution, as part of the ArmorCode Agentic AI Platform. ArmorCode will highlight how AIEM gives enterprises clearer visibility into where AI is being used, who owns it and the potential risks it introduces across heterogeneous environments. By turning AI usage and signals from existing security and IT systems into governed, auditable outcomes, AIEM helps organizations reduce shadow AI risk, assign accountability and accelerate AI adoption with stronger control and board-ready governance. ArmorCode will also share findings from its new 2026 State of AI Risk Management report, developed in partnership with The Purple Book Community and based on responses from more than 650 enterprise security leaders. The discussion will connect ArmorCode’s latest product innovation to the broader industry need for scalable, enterprise-ready AI risk governance. ArmorCode AI Exposure Management is available now as a solution deployed on the ArmorCode Agentic AI Platform. To learn more, visit .
Beyond IOCs: A Framework for High-Impact Cyber Threat Intelligence
In a time where the ability to turn intelligence into decisive action is a true competitive advantage, organizations must move beyond reactive alert triage to a proactive, threat-informed defense. This segment explores how unifying threat intelligence with adversarial attack simulation enables a Continuous Threat Exposure Management (CTEM) framework that replaces hype with measurable outcomes. We will discuss why these are no longer just technical security conversations, but critical business strategies that provide the board and C-suite with the clarity and confidence to reduce risk and focus resources where they matter most. This segment is sponsored by Filigran. Visit to learn more about them!
Segment 3: RSAC interviews with Sekoia and Fortra
Agentic AI: Don't Make Your SOC Faster at Being Wrong
Adding AI agents to an unprepared SOC doesn't make it smarter; it just makes it "faster at being wrong." Georges Bossert challenges the industry hype to explain why true autonomy relies on reliable context and structured runbooks, not just prompts. He will discuss how to build the necessary foundations to automate rapidly without losing control. This segment is sponsored by Sekoia.io. Visit to discover their AI SOC Platform!
Scripted Sparrow: A Prolific BEC Group
In December, Fortra Intelligence and Research Experts (FIRE) released a major report exposing Scripted Sparrow, one of the most active Business Email Compromise (BEC) collectives operating today. The group sends an estimated 6 million highly targeted scam emails each month, impersonating executive coaching firms and leveraging spoofed reply chains, missing attachment lures, and evolving multilingual campaigns. FIRE’s investigation links the collective to 119 domains, 245 webmail accounts, and 256 bank accounts, with members operating across three continents and continually refining their fraud techniques at scale. This segment is sponsored by Fortra. Visit to learn more about them!
Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/40807455
Staypuft, Claude, One Pixel, deepfakes, Raccoon, BOFH, Satoshi Nakamoto, Josh Marpet. - SWN #571
04/10/2026
Staypuft, Claude, One Pixel, deepfakes, Raccoon, BOFH, Satoshi Nakamoto, Josh Marpet, and More on this episode of the Security Weekly News. Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/40803480
AI Makes All Bug Shallow? - PSW #921
04/09/2026
This week: Rage dropping 0-Day; Claude Mythos, things are different now; From UART to root, on a device made in China, where's the FCC?; More CUPS vulnerabilities; Russians are hacking routers, FCC ban doesn't stop them; Mongoose vulnerabilities, and FCC still does nothing; Renting virtual phones; Iran's cyber attacks; SHA-256 almost broken?; Catching Axios; New Rowhammer, dubbed GPUBreach, gives you root; Windows 11 has sudo! (And SSH...); And Inside a Kubernetes Scanning Fleet. Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/40793545
Zero Trust Readiness and Two RSAC 2026 Interviews from Fenix24 and Absolute Security - John Bruggeman, Christy Wyatt, John Anthony Smith - BSW #442
04/08/2026
Autonomous AI agents are creating a new attack surface for enterprise security teams, particularly as organizations deploy agents for operational tasks such as customer support automation, data analysis, and incident response. How can we align our Zero Trust initiatives to also address the emerging Agentic AI risks? John Bruggeman, Consulting CISO at CBTS, joins Business Security Weekly to discuss how your Zero Trust readiness can also prepare you for Agentic AI deployments. Organizations are granting agents access to sensitive systems without the security controls typically required for other Zero Trust initiatives. John will help educate CISOs on what they should be doing now to get ahead of the risk, including: Agent inventory; Data security controls, including data model poisoning; Agent identity controls, including authorization and access levels; Infrastructure security controls, including MCP servers.
Why More Technology Hasn’t Made Us More Secure
Despite massive investment in cybersecurity tools, organizations remain vulnerable because their existing technologies are often misconfigured, poorly integrated, and disconnected from real operational risk. This keynote argues that complexity, human decision‑making, and gaps in execution—not a lack of products—are what truly empower attackers, especially as modern environments like cloud and SaaS expand the attack surface. Real security comes from simplifying, aligning, and expertly orchestrating what organizations already own, shifting the focus from buying tools to achieving disciplined, resilient outcomes grounded in breach reality. This segment is sponsored by Fenix24. Visit to learn more about them!
Downtime: The New Economic Threat
Downtime is costing global enterprises hundreds of billions of dollars in losses annually. With that downtime caused by cyber incidents and software failures, enterprise CISOs are searching for strategies and solutions that will accelerate recovery and restoration of business operations after cyber disruptions render systems inoperable. This segment is sponsored by Absolute Security. Visit to join The Resilient CISO Inner Circle!
Visit for all the latest episodes! Show Notes:
/episode/index/show/pauldotcom/id/40760965