Episodios

  • Forrester's AEGIS Framework, the weekly news, and interviews with Fortra and Island - Jeff Pollard, Rohit Dhamankar, Michael Leland - ESW #424

    Forrester's AEGIS Framework, the weekly news, and interviews with Fortra and Island - Jeff Pollard, Rohit Dhamankar, Michael Leland - ESW #424
    Sep 15 2025
    Segment 1 - Interview with Jeff Pollard Introducing Forrester’s AEGIS Framework: Agentic AI Enterprise Guardrails For Information Security For this episode’s interview, we’re talking to Forrester analyst Jeff Pollard. I’m pulling this segment’s description directly from the report’s executive summary, which I think says it best: As AI agents and agentic AI are introduced to the enterprise, they present new challenges for CISOs. Traditional cybersecurity architectures were designed for organizations built around people. Agentic AI destroys that notion. In the near future, organizations will build for goal-oriented, ephemeral, scalable, dynamic agents where unpredictable emergent behaviors are incentivized to accomplish objectives. This change won’t be as simple or as straightforward as mobile and cloud — and that’s bad news for security leaders who in some cases still find themselves challenged by cloud security. Segment 2 - Weekly News Then, in the enterprise security news, there’s funding and acquisitions, but we’re not going to talk about themAI’s gonna call the cops on youand everyone’s losing money on itand Anthropic agreed to pay for all the copyright infringement they did when training modelsand Otter.ai got sued for recording millions of conversations without consentBurger King got embarrassed and their lawyers didn’t like itNPM package mayhemcertificate authority hijinksAI darwin awards All that and more, on this episode of Enterprise Security Weekly. Segment 3 - Executive Interviews from Black Hat 2025 Interview with Rohit Dhamankar from Fortra Live from Black Hat 2025 in Las Vegas, Matt Alderman sits down with Rohit Dhamankar, VP of Product Strategy at Fortra, to dive deep into the evolving world of offensive security. From red teaming and pen testing to the rise of AI-powered threat simulation and continuous penetration testing, this conversation is a must-watch for CISOs, security architects, and compliance pros navigating today's dynamic threat landscape. Learn why regulatory bodies worldwide are now embedding offensive security requirements into frameworks like PCI DSS 4.0, and how organizations can adopt scalable strategies—even with limited red team resources. Rohit breaks down the nuances of purple teaming, AI-assisted red teaming, and the role of BAS platforms in enhancing defense postures. Whether you’re building in-house capabilities or leveraging external partners, this interview reveals key insights on security maturity, strategic outsourcing, and the future of cyber offense and defense convergence. This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrabh to learn more! Interview with Michael Leland from Island At BlackHat 2025 in Las Vegas, Matt Alderman sits down with Michael Leland, VP Field CTO at Island, to tackle one of cybersecurity’s most urgent realities: compromised credentials aren’t a possibility — they’re a guarantee. From deepfakes to phishing and malicious browser plug-ins, attackers aren’t “breaking in” anymore… they’re logging in. Michael reveals how organizations can protect stolen credentials from being used, why the browser is now the second weakest link in enterprise security, and how Island’s enterprise browser can enforce multi-factor authentication at critical moments, block unsanctioned logins in real time, and control risky extensions with live risk scoring of 230,000+ Chrome plug-ins. Key takeaways: Why credential compromise is inevitable — and how to stop credential useHow presentation layer DLP prevents data leaks inside and outside appsReal-time blocking of phishing logins and unsanctioned SaaS accessPlug-in risk scoring, version pinning, and selective extension controlEnabling BYOD securely — even after a catastrophic laptop lossWhy many users never go back to Chrome, Edge, or Safari after switching Segment Resources: https://www.island.io/blog/how-the-enterprise-browser-neutralizes-the-risks-of-compromised-credentials This segment is sponsored by Island. Visit https://securityweekly.com/islandbh to learn more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-424
    Más Menos
    1 h y 41 m
  • Ransomware, Agentic AI, and Supply Chain Risks: Insights from Black Hat 2025 - HD Moore, Jason Passwaters, J.J. Guy, Theresa Lanowitz, Mickey Bresman, Yuval Wollman, Jawahar “Jawa” Sivasankaran - ESW #423

    Ransomware, Agentic AI, and Supply Chain Risks: Insights from Black Hat 2025 - HD Moore, Jason Passwaters, J.J. Guy, Theresa Lanowitz, Mickey Bresman, Yuval Wollman, Jawahar “Jawa” Sivasankaran - ESW #423
    Sep 8 2025
    Doug White sits down with Theresa Lanowitz, Chief Evangelist at LevelBlue, for a powerful and timely conversation about one of cybersecurity’s most pressing threats: the software supply chain. Theresa shares fresh insights from LevelBlue’s global research involving 1,500 cybersecurity professionals across 16 countries. Together, they unpack the real-world risks of software acquisition in the API economy, the explosive growth of AI-generated code, and the rise of “vibe coding”—and how these trends are silently expanding the attack surface for organizations everywhere. Visit https://securityweekly.com/levelbluebh to download the Data Accelerator: Software Supply Chain and Cybersecurity as well as all of LevelBlue's research. In this interview, Yuval Wollman, President of CyberProof, unpacks how AI agents are not only expanding the attack surface—but reshaping the entire cyber threat landscape. Discover how ransomware-as-a-service platforms like Funksec and Dragonforce are operating with enterprise-level precision. Learn about the role of agentic AI, geopolitical cyber warfare, and why today's hackers offer better customer support than airlines. This segment is sponsored by CyberProof. Visit https://securityweekly.com/cyberproofbh to learn more about them! Doug White and Mickey Bresman, CEO of Semperis, dive deep into a conversation on the evolution of ransomware and the alarming rise of cyber extortion tactics. From the early days of encryption-only attacks to today's ransomware-as-a-service operations and hybrid threats blending digital and physical intimidation, this interview unpacks the growing sophistication of organized cybercrime. Mickey shares firsthand insights from Semperis’ recent ransomware report, including a chilling real-world example where a photo of a child was used to threaten an IT professional — illustrating how far threat actors are willing to go. This segment is sponsored by Semperis. Visit https://securityweekly.com/semperisbh to download the 2025 Global Ransomware Report! Matt Alderman sits down with J.J. Guy, CEO & Co-Founder of Sevco Security, to unpack a 20-year industry failure finally being addressed: the disconnect between asset inventory, vulnerability visibility, and true cyber risk understanding. From the roots of CASM (Cyber Asset Attack Surface Management) to the convergence with CTE (Continuous Threat Exposure), JJ shares how Sevco is tackling today's fragmented environments — spanning cloud, on-prem, mobile, and containers — with a data-first approach. Would you like to see the Sevco platform in action? You can take a self-guided tour at https://securityweekly.com/sevcobh Doug White sits down with Intel 471 CEO Jason Passwaters for an eye-opening conversation on how cybercrime has evolved into a professional, profit-driven ecosystem. From ransomware-as-a-service to agentic AI, this interview pulls back the curtain on the real-world intel enterprises need to defend against today’s most dangerous digital threats. Jason shares how threat actors are using business models that rival legitimate startups — complete with support teams and customer service — while enterprise security teams face shrinking budgets and expanding attack surfaces. This segment is sponsored by Intel471. Visit https://securityweekly.com/intel471bh to learn more about them! CyberRisk TV sits down with HD Moore, CEO & Co-Founder of runZero, for a conversation on why vulnerability management is still failing enterprises — and what needs to change now. This interview dives deep into the real-world challenges facing security teams today: tool overload, missing assets, unauthenticated exposures, and the illusion of visibility. HD reveals how attackers are exploiting blind spots faster than defenders can react — and why unauthenticated discovery is the secret weapon defenders need. Try runZero free! Get started at https://securityweekly.com/runzerobh Jackie McGuire sits down with Jawahar Sivasankaran, President at Cyware, for an unmissable deep dive into the future of Cyber Threat Intelligence (CTI), agentic AI, and open-source security innovation. With nearly three decades of experience spanning hands-on engineering, go-to-market leadership, and cutting-edge product strategy, Jawahar shares insider insights on how CTI is evolving from fragmented alerts to unified, automated threat intelligence platforms. To explore Cyware’s new Intelligence Suite, CTI automation capabilities, and open-source AI integration protocol, visit https://securityweekly.com/cywarebh. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-423
    Más Menos
    2 h y 6 m
  • Dave Lewis talks M&A due diligence, TBD topic, the weekly news - Dave Lewis - ESW #422

    Dave Lewis talks M&A due diligence, TBD topic, the weekly news - Dave Lewis - ESW #422
    Sep 1 2025
    Interview with Dave Lewis on Security's Role in M&A Due Diligence

    In this episode, Dave Lewis from 1Password discusses the critical importance of security in mergers and acquisitions, from due diligence through integration. He explores common pitfalls, essential security assessments, and practical strategies for security leaders to protect organizational value throughout the M&A process.

    Topic: The Challenge of Breach Transparency

    Every industry concerned with safety has a process for publishing the details of accidents, incidents, and failures. Cybersecurity has yet to reach this milestone, and hiding the details of failures is holding us back. This talk will argue for the need for breach details to go public, and share strategies for finding and using some little-known sources of detailed breach data.

    Weekly Enterprise News

    Finally, in the enterprise security news,

    1. A funding, a few acquisitions, and an IPO for the first time in forever!
    2. Attackers are really actually starting to use AI now
    3. Some researcher spent all of August poking holes in all the AI tools
    4. Someone got Microsoft Copilot to be an accomplice in a coverup
    5. Microsoft is making a big change in Azure that will probably break some stuff
    6. No, Flipper Zero can’t help you steal your car (just the stuff in it)
    7. Domain names are free to register now, maybe?
    8. Disgruntled former employee goes to jail
    9. AI tricked into doing more bad things

    All that and more, on this episode of Enterprise Security Weekly.

    This segment is sponsored by 1Password. Visit https://securityweekly.com/1password to learn more about them!

    Visit https://www.securityweekly.com/esw for all the latest episodes!

    Show Notes: https://securityweekly.com/esw-422
    Más Menos
    1 h y 46 m
  • Oktane Preview with Harish Peri, Invisible Prompt Attacks, and the weekly news! - Harish Peri - ESW #421

    Oktane Preview with Harish Peri, Invisible Prompt Attacks, and the weekly news! - Harish Peri - ESW #421
    Aug 25 2025
    Interview with Harish Peri from Okta

    Oktane Preview: building frameworks to secure our Agentic AI future

    Like it or not, Agentic AI and protocols like MCP and A2A are getting pushed as the glue to take business process automation to the next level. Giving agents the power and access they need to accomplish these lofty goals is going to be challenging, from a security perspective.

    How do put AI agents in the position to perform broad tasks autonomously without granting them all the privileges? How do we avoid making AI agents a gold mine for attackers - the first place they stop once they hack into our companies? These are some examples of the questions Okta aims to answer at this year’s Oktane event, and we aim to kick off the conversations a little early - with this interview!

    Segment Resources:

    • Check out securityweekly.com/oktane for all our live coverage during the event this year!
    • More information about the event and how you can attend can be found here: https://www.okta.com/oktane/
    • AI at Work 2025: Securing the AI-powered workforce
    Topic - Indirect Prompt Injection Getting Out of Hand

    Reports of indirect prompt injection issues have been around for a while. Of particular note was Michael Bargury's Living off Microsoft Copilot presentation from Black Hat USA 2024. Simply sending an email to a Copilot user could make bad stuff happen.

    Now, at Black Hat 2025, we've got more: the ability to plunder any data resource connected to ChatGPT (they call these integrations "Connectors") from Tamir Ishay Sharbat at Zenity Labs. The research is titled AgentFlayer: ChatGPT Connectors 0click Attack.

    Looks like Google Jules is also vulnerable to what the Embrace the Red blog is calling invisible prompts. Sourcegraph's Amp Code is also vulnerable to the same attack, which encodes instructions to make them invisible.

    What's really going to ruffle feathers is the fact that all these companies know this stuff is possible, but don't seem to be able to figure out how to prevent it. Ideally, we'd want to be able to distinguish between intended instruction and instructions injected via attachments or some other means outside of the prompt box. I guess that's easier said than done?

    News

    Finally, in the enterprise security news,

    1. Drones are coming for you… to help?
    2. One of the most powerful botnets ever goes down
    3. Phishing training is still pointless
    4. Microsoft sets an alarm on its phone for 8 years from now to do post-quantum stuff
    5. vulns galore in commercial ZTNA apps
    6. GenAI projects are struggling to make it to production
    7. Adblockers could be made illegal - in Germany
    8. Windows is getting native Agentic support
    9. Automating bug discovery AND remediation?
    10. Public service announcement: time is running out for Windows 10

    All that and more, on this episode of Enterprise Security Weekly.

    Visit https://www.securityweekly.com/esw for all the latest episodes!

    Show Notes: https://securityweekly.com/esw-421
    Más Menos
    1 h y 49 m
  • Rethinking risk based vulnerability management, Black Hat expo insights, and the news - Snehal Antani - ESW #420

    Rethinking risk based vulnerability management, Black Hat expo insights, and the news - Snehal Antani - ESW #420
    Aug 18 2025
    Interview with Snehal Antani - Rethinking Risk-Based Vulnerability Management

    Vulnerability management is broken. Organizations basically use math to turn a crappy list into a slightly less crappy list, and the hardest part of the job as a CIO is deciding what NOT to fix. There has to be a better way, and there is...

    Segment Resources:

    • https://horizon3.ai/intelligence/blogs/vulnerability-management-is-broken-there-is-a-better-way/

    This segment is sponsored by Horizon3.ai. Visit https://securityweekly.com/horizon3 to learn more about them!

    Topic - Andy Ellis's Black Hat Expo Experience

    Andy Ellis visited every booth at Black Hat. Every. Single. One. He wrote up what he learned and we discuss his findings!

    https://www.duha.co/state-of-security-vendors-blackhat-2025/

    News

    Finally, in the enterprise security news,

    1. Tons of handy new and free tools!
    2. is cybersecurity really at the latter stages of consolidation?
    3. new books
    4. is our obsession with risk quantification hurting our credibility?
    5. AI trends
    6. is there an impending AI layoff-pocalypse?
    7. we explain the kids’ favorite new term: Clanker

    All that and more, on this episode of Enterprise Security Weekly.

    Visit https://www.securityweekly.com/esw for all the latest episodes!

    Show Notes: https://securityweekly.com/esw-420
    Más Menos
    1 h y 56 m
  • ESW at BlackHat and the weekly enterprise security news - ESW #419

    ESW at BlackHat and the weekly enterprise security news - ESW #419
    Aug 11 2025
    Topic Segment - What's new at Black Hat?

    We're coming live from hacker summer camp 2025, so it seemed appropriate to share what we've seen and heard so far at this year's event. Adrian's on vacation, so this episode is featuring Jackie McGuire and Ayman Elsawah!

    News Segment

    Then, in the enterprise security news,

    1. Tons of funding!
    2. SentinelOne picks up an AI security company weeks after Palo Alto closes the Protect AI deal
    3. Vendors shove AI agents into everything they’ve got
    4. Why SOC analysts ignore your playbooks
    5. NVIDA pinkie swears to China: no back doors!
    6. ChatGPT was allowing shared chat sessions to be indexed and crawled by search engines like Google
    7. Who is gonna secure all this vibe code?
    8. Who is gonna triage all these hallucinated bug reports?
    9. Perplexity and Cloudflare duke it out
    10. When you try to scrub your shady past off the Internet, it might just make things worse.

    All that and more, on this episode of Enterprise Security Weekly.

    Visit https://www.securityweekly.com/esw for all the latest episodes!

    Show Notes: https://securityweekly.com/esw-419
    Más Menos
    46 m
  • Weekly Enterprise Security News and Tips on Building Security From Day 1 - Guillaume Ross - ESW #418

    Weekly Enterprise Security News and Tips on Building Security From Day 1 - Guillaume Ross - ESW #418
    Aug 4 2025
    The Weekly Enterprise News (segments 1 and 2)

    This week, we’ve had to make some last minute adjustments, so we’re going to do the news first, split into two segments.

    This week, we’re discussing:

    1. Some interesting funding
    2. Two acquisitions - one picked up for $250M, the other slightly larger, at $25 BILLION
    3. Interesting new companies!
    4. On the 1 year anniversary of that thing that happened, Crowdstrike would like to assure you that they’re REALLY making sure that thing never happens again
    5. Flipping the script
    6. How researchers rooted Copilot, but not really
    7. talks to check out at Hacker Summer Camp
    8. detection engineering tips
    9. the Cloud Security Alliance has a new AI Controls Matrix
    10. sending in the National Guard to handle a breach!
    11. and how to read an AI press release
    Interview: Guillaume Ross on Building Security from Scratch

    Guillaume shares his experiences building security from scratch at Canadian FinTech, Finaptic. Imagine the situation: you're CISO, and literally NOTHING is in place yet. No policies, no controls, no GRC processes. Where do you start? What do you do first? Are there things you can get away with that would be impossible in older, well-established financial firms?

    Visit https://www.securityweekly.com/esw for all the latest episodes!

    Show Notes: https://securityweekly.com/esw-418
    Más Menos
    1 h y 46 m
  • tj-actions Lessons Learned, US Cyber Offense, this week's enterprise security news - Dimitri Stiliadis - ESW #417

    tj-actions Lessons Learned, US Cyber Offense, this week's enterprise security news - Dimitri Stiliadis - ESW #417
    Jul 28 2025
    Interview Segment - Lessons Learned from the tj-actions GitHub Action Supply Chain Attack with Dimitri Stiliadis

    Breach analysis is one of my favorite topics to dive into and I’m thrilled Dimitri is joining us today to reveal some of the insights he’s pulled out of this GitHub Actions incident. It isn’t an overstatement to say that some of the lessons to be learned from this incident represent fundamental changes to how we architect development environments.

    Why are we talking about it now, 4 months after it occurred? In the case of the Equifax breach, the most useful details about the breach didn’t get released to the public until 18 months after the incident. It takes time for details to come out, but in my experience, the learning opportunities are worth the wait.

    Topic Segment - Should the US Go on the Cyber Offensive?

    Triggered by an op-ed from Dave Kennedy, the discussion of whether the US should launch more visible offensive cyber operations starts up again. There are a lot of factors and nuances to discuss here, and a lot of us have opinions here. We'll see if we can do any of it justice in 15 minutes.

    News Segment

    Visit https://www.securityweekly.com/esw for all the latest episodes!

    Show Notes: https://securityweekly.com/esw-417
    Más Menos
    1 h y 42 m