Amanda King was a Senior Director of Breakthrough Technology at an aerospace and defense company when she learned she was on a list of 77 people specifically targeted by Iran's Charming Kitten APT group. In this episode, she tells the full story: how the Associated Press tried to reach her three times, what the attackers accessed, how a US government agency got involved, and what she changed in her personal and professional life afterward.

The conversation covers the real-world experience of being targeted by a nation-state actor, the gap between corporate and personal security, what it's like when a three-letter agency asks for access to your life, and how the experience shaped Amanda's approach as she moved into executive roles. Amanda also shares her perspective on resilience, including her cancer journey, and a practical framework for processing difficult experiences.

Hosts: Joe Patti and Adam Roth. Recorded March 14, 2026.

Luke Canfield has been building, flying, and hacking drones for years. In this episode, he walks us through the real intersection of drones and cybersecurity — war-flying attacks on financial institutions, cartel drone operations at the US-Mexico border, DIY drone building with no attribution, and why "security exists in three dimensions."

Topics covered:

• War-flying: aerial man-in-the-middle attacks with drone-mounted Wi-Fi Pineapples
• 3 real cases of drone-based cyberattacks against financial institutions
• Mexican cartels: 330+ drone incursions/day at the US border
• Ukraine: how the conflict advanced drone tech by 15 years
• Drone detection: RF tracking, acoustic sensors, radar, AI
• FAA regulations and fines up to $100K
• Disaster response: mesh networks and radio repeaters via drones
• The coming Part 108 era and why a fake Amazon drone is the next attack vector

Guest: Luke Canfield — cybersecurity professional and drone security researcher
Learn more: https://www.lsechub.com

Connect: securitycocktailhour.com | Newsletter: securitycocktailhour.com/newsletter

Sharon Isaaci and David Warshavski spent careers on the offensive side of cybersecurity — breaking into organizations, finding zero-days, and cleaning up after the breaches that followed at Sygnia, Israel's premier incident response firm. After hundreds of engagements, they kept finding the same thing on both sides of the wire: breaches happen not because vulnerabilities go undetected, but because they go unmanaged.

Vulnerability management has been stuck for 30 years. More tools, more alerts, more dashboards — and vulnerability exploitation as a breach cause nearly tripled in 2024 alone. When ChatGPT arrived in late 2022, Sharon and David saw the missing piece: the organizational context that could fix the problem had always existed, scattered across Slack, email, wikis, and internal tools. GenAI finally made it possible to pull that together at scale.

In this conversation, we get into how two practitioners who've spent careers attacking organizations are now applying that attacker's lens — automated with AI — to break open a field that's resisted change for decades. We cover why visibility was never the real problem, what context-driven prioritization actually looks like, and what it takes to mobilize the people who do the patching.

This one is for practitioners who've lived the frustration. And for anyone watching AI get applied to a real, stubborn problem — not as a marketing claim, but as the thing that finally moves the needle.

Follow us for more conversations with practitioners who've been in the trenches.

00:00 Intro & Guest Introductions

05:35 Vulnerability Management: Still a Problem

09:45 AI as a Security Solution, Not a Problem

15:47 Visibility is Easy; Context is Hard

29:46 Leveraging the Hacker Mindset

35:29 We Need Less Findings, Not More

42:39 We're in Exciting Times

Website: https://securitycocktailhour.com

Newsletter: https://securitycocktailhour.com/newsletter

LinkedIn: https://www.linkedin.com/company/security-cocktail-hour

Twitter/X: @SecCocktailHour

Enjoyed this episode? Follow us and share with colleagues who'll enjoy honest discussions among security professionals.