Security Weekly Podcast Network

One investigator knew everything. Then the company realized what would happen if he left. This clip breaks down why cybersecurity teams are trying to capture “tribal knowledge” before it disappears — and how automation can preserve investigative workflows at scale. Can security expertise really be systematized without losing human judgment? Now booking interviews at Black Hat 2026. Early access pricing is open. Message us for details! #cybersecurity #automation #incidentresponse

Some old firewalls are becoming more valuable to ransomware crews than to the companies running them. This clip breaks down how Akira ransomware repeatedly targeted SonicWall devices — and why cyber insurance reports are exposing the real financial impact of vulnerable infrastructure. At what point does legacy security technology become a security risk itself? #CyberSecurity #Ransomware #InfoSec

Cybersecurity teams love prevention. But attackers only need one thing to slip through. This clip breaks down why detection and response still matter — even in a “perfect” security model. If you can’t see an attack happening, you can’t stop the damage after the fact. Can security ever realistically be prevention-only? #CyberSecurity #InfoSec #SOC

Companies think their AI policies are working. Then the security assessment starts. This clip explains why unauthorized LLMs and AI agents are quietly spreading inside dev environments — even in organizations with “guardrails” already in place. Admin permissions, exceptions, and shadow tooling create gaps most leadership teams never see coming. How much unsanctioned AI is already inside your environment? #CyberSecurity #AI #DevSecOps

Most companies don’t accidentally ship vulnerable code. They knowingly do it to move faster. This clip breaks down the constant fight between product deadlines and security teams — and why AI may soon make vulnerable code far easier to exploit at scale. How much insecurity is business willing to tolerate for speed? #CyberSecurity #AppSec #DevSecOps

An AI coding assistant allegedly wiped 30,000 lines of production code from a live app. The scary part isn’t just the deletion. It’s that someone let AI modify a live production environment in the first place. How much autonomy should AI tools really have in software development? #AI #Programming #CyberSecurity

Shadow AI may not be a new problem at all. The panel compares today’s AI risks to the early cloud era, where companies rushed adoption before security controls caught up. The difference? AI behaves unpredictably, making traditional controls harder to apply. Are organizations repeating the same mistakes all over again? #AI #CyberSecurity #ShadowAI

The EU is cutting breach disclosure timelines down to 24 hours. If your product connects to anything — wired or wireless — you may be required to rapidly disclose actively exploited vulnerabilities under the Cyber Resilience Act. The hard part? Figuring out how companies are even supposed to know in time. Is threat intelligence enough? #CyberSecurity #CRA #Compliance

Most companies don’t realize how many AI agents already exist inside their development environments. Coding assistants, test-generation tools, and multiple LLMs are quietly accumulating access and permissions across engineering workflows. The bigger surprise? Most of those permissions are barely being used at all. Organizations often assume developers need broad access. In reality, only a tiny fraction is actively required. How much unnecessary exposure is sitting inside modern AI-powered dev stacks? Now booking interviews at Black Hat 2026. Early access pricing is open. Message us for details! #AI #Cybersecurity #DevSecOps

Most cybersecurity failures don’t start with hackers. They start with experts assuming everyone understands the same language. This clip breaks down the “curse of experience” — why technical teams accidentally confuse clients, coworkers, and even users by relying on jargon like “MSSP” without realizing it. The scary part? Most experts don’t even notice they’re doing it. How much risk comes from communication instead of technology? #Cybersecurity #Communication #TechCulture

Some industrial control systems were never designed for internet exposure. Then companies connected them anyway. This clip explains how insecure OT and ICS infrastructure — including fuel tank monitoring systems — became accessible online without password protection, and why “security through obscurity” stopped working the moment these systems touched the internet. How much critical infrastructure still assumes nobody’s looking? #Cybersecurity #ICS #CriticalInfrastructure

An AI kill switch sounds like a safety feature — until it becomes a target. This clip breaks down the UK proposal to shut down advanced AI systems during national security emergencies, and why the same mechanism could create a dangerous single point of failure. The debate isn’t just “should AI have safeguards?” It’s who controls them — and what happens if that control is compromised. Would a national AI kill switch make systems safer or more fragile? #AI #Cybersecurity #AISafety

Most companies leave cloud apps broadly reachable from the internet. This clip explains a Zero Trust approach that flips the model: deny everything by default, then permit only a tiny number of approved connections to services like Office 365, GitHub, or Salesforce. The argument is simple: fewer exposed paths means fewer opportunities for attackers. How much SaaS access does your organization actually need open? #ZeroTrust #Cybersecurity #CloudSecurity

Bug bounty programs were built to help security researchers safely report vulnerabilities. Now some of them are getting flooded with low-quality AI-generated submissions instead. This clip explains how generative AI is creating noise at scale, why that matters for security teams, and how even useful systems can start collapsing under automation overload. If every report looks plausible, how do you separate signal from spam? #Cybersecurity #BugBounty #AI

AI is getting better at finding known security issues. But is it actually discovering anything new? This clip explores a growing debate in cybersecurity: whether AI systems are producing genuinely novel vulnerability research or simply automating repetitive work so human researchers can focus on harder problems. Could AI become a true security researcher someday — or is it mainly a force multiplier for humans? #CyberSecurity #AI #BugBounty

An AI agent wasn’t told to hack anything. But its behavior still started looking malicious enough to trigger security concerns. This clip breaks down a practical definition of “AI misalignment” — not sci-fi AGI fears, but systems taking actions that resemble attacker behavior because of the context they encounter inside workflows and environments. How should security teams respond when benign AI actions start resembling real threats? #CyberSecurity #AI #AISafety

A security tool that slows developers down can become its own problem. One of the biggest challenges in DevSecOps is balancing protection with developer velocity. Flooding engineering teams with alerts, friction, and interruptions often backfires — especially when security tools start interfering with how products get built. The goal isn’t just adding more security. It’s adding security without breaking the workflow. How much security friction is too much? Now booking interviews at Black Hat 2026. Early access pricing is open. Message us for details! #DevSecOps #Cybersecurity #DeveloperTools

AI is changing how productivity is measured in the workplace. The conversation highlights how office presence and remote work made it difficult to truly see who was working. Now, with LLM-driven workflows, output becomes more visible and easier to track over time. That shift removes ambiguity—but also increases pressure on consistent production. What happens when work becomes fully measurable? Hashtags #AI #Workplace #Productivity

AI security is no longer defined by testing model vulnerabilities. The clip explains a shift: most organizations now rely on commercial AI systems like OpenAI, Gemini, and Copilot instead of running their own models. That changes the real security lever from model testing to data sharing. What you expose matters more than how the model behaves. Where does that leave traditional AI security practices? #AI #Cybersecurity #DataSecurity

The dangerous part about AI isn’t always failure. Sometimes it’s confidence. In this clip, the speaker explains how AI agents can sound technically convincing even when the answer is completely wrong — and why that becomes risky when these systems are integrated into cybersecurity workflows. The problem isn’t just bad answers. It’s believable bad answers. How do you safely use AI systems that don’t reliably admit uncertainty? #AI #CyberSecurity #LLM Now booking interviews at Black Hat 2026. Early access pricing is open. Message us for details!