🎙️Inverted Product Management Podcast #8: Social Engineering – The Human Factor in Security🎙️

In this episode of the Inverted Product Management Podcast, hosts Jeroen Kemperman, Dana Kaufman, Dario Salice, and Tom Williamson dive deep into the world of social engineering and its impact on modern security practices. The panel shares real-world stories—from SIM swap scams to high-profile breaches—illustrating how attackers exploit human vulnerabilities rather than technical flaws.Key topics include:

• What social engineering is and why it’s so effective
• How attackers use urgency, pressure, and personal interaction to bypass security
• The importance of defense-in-depth and minimizing human decision points in critical flows
• Strategies for organizations to educate employees and build resilience against social engineering
• The evolving role of AI in both defending and attacking security systems

Whether you’re a product manager, security professional, or just curious about the human side of cybersecurity, this episode offers practical insights and actionable advice to help you protect your organization from the weakest link: people.🎧Listen, learn, and join the conversation!🎧Find us on LinkedIn, Spotify, YouTube, Amazon Music/Audible, and leave a message with your thoughts or questions.

✅  Subscribe for more deep dives into the world of inverted product management!✅ 🔗 Join the conversation in the Inverted Product Management community on LinkedIn.Inverted PM LinkedIn Group: https://www.linkedin.com/groups/12902712/

Music by: BensoundLicense code: KQNVJHTWQEBEDSEA

🎙️ Episode 7: Scraping, Extensions & the Shifting Threat Landscape – What Inverted PMs Need to Know 🎙️In this episode of the Inverted Product Management Podcast, hosts Dario, Dana, and Tom tackle the evolving world of web scraping and the surprising role browser extensions play in enabling abuse. Inspired by a recent discovery of a botnet embedded in Chrome extensions, the team explores: ✅ How attackers embed scraping into legitimate user traffic ✅ Why traditional anti-scraping defenses are no longer enough ✅ The importance of understanding attacker business models ✅ How to impose cost and disrupt adversary infrastructure ✅ The role of threat sharing and platform accountability ✅ Why security PMs must assume breach and plan for evolution

This episode references an interesting article you can find here on an innovative scraping attack vector: ⁠https://secureannex.com/blog/mellow-drama/

Whether you're defending a consumer app, managing enterprise risk, or building trust and safety tools, this episode offers practical insights and strategic frameworks for staying ahead of attacker innovation. 🎙️ Subscribe for more deep dives into the world of inverted product management!🔗 Join the conversation in the Inverted Product Management community on LinkedIn.Inverted PM LinkedIn Group: https://www.linkedin.com/groups/12902712/#SecurityPM #ProductManagement #WebScraping #BrowserExtensions #Cybersecurity #InvertedPM #TrustAndSafety #ThreatModeling #abuseprevention Music by: BensoundLicense code: KQNVJHTWQEBEDSEA

🎙️ Episode 6: Using Cost to Defend Against Abuse – Strategic Friction in Security Product Management🎙️In this episode of Inverted Product Management Podcast, hosts Jeroen, Dario, and Dana explore how injecting cost into attacker journeys can disrupt abuse at scale—without alienating legitimate users.

From fake accounts to hijacked credentials, the team breaks down: ✅ How attackers operate like businesses—and how to break their margins ✅ Creative ways to impose cost: throttling, device locks, time delays, and more ✅ Balancing friction: minimizing impact on real users while maximizing pain for abusers ✅ Real-world examples of phone farms, crypto mining, and call center scams ✅ Why understanding attacker ROI is key to effective defenses ✅ How threat sharing and infrastructure disruption create durable protection Whether you're a security PM, fraud analyst, or product leader, this episode offers practical frameworks and fresh insights  into how cost-based thinking can reshape your defenses. 🎙️ Subscribe for more deep dives into the world of inverted product management!🔗 Join the conversation in the Inverted Product Management community on LinkedIn.Inverted PM LinkedIn Group: https://www.linkedin.com/groups/12902712/#SecurityPM #ProductManagement #FraudPrevention #Cybersecurity #InvertedPM #ThreatModeling #TrustAndSafety #AbusePrevention #IdentityProtection Music by: BensoundLicense code: KQNVJHTWQEBEDSEA

🎙️ Episode 5: Business Models for Inverted Products – Security, Identity & Trust at Scale 🎙️In this episode of Inverted Product Management Podcast, hosts Dana, Dario, Tom, and special guest Mark Risher explore the complex business models behind security and identity products—where success often means nothing happens.From startups to global platforms, the conversation dives into:✅ The tension between speed and security in early-stage companies✅ Why naive implementations of 2FA and identity can backfire✅ How trust, privacy, and user friction shape product adoption✅ Flat pricing vs. per-user models—and the hidden costs of scale✅ The challenge of aligning growth and security teams in large organizations✅ Real-world stories of breaches, misconfigurations, and the cost of prevention

Whether you're building a consumer app, managing enterprise security, or navigating identity infrastructure, this episode offers practical insights and strategic frameworks for inverted PMs working at the intersection of safety and scale.

🎙️ Subscribe for more deep dives into the world of inverted product management!🔗 Join the conversation in the Inverted Product Management community on LinkedIn.Inverted PM LinkedIn Group: https://www.linkedin.com/groups/12902712/

This episode's special guest is Mark Risher: https://www.linkedin.com/in/mrisher/ from Outgoing: https://www.linkedin.com/company/out-going/

Music by: BensoundLicense code: KQNVJHTWQEBEDSEA

💥 Episode 4: Damage as the Ultimate Metric in Security Product Management 💥In this episode of Inverted Product Management Podcast, hosts Dana, Dario, Tom, and Williamson explore a powerful concept: damage as the ultimate metric in security, abuse prevention, and identity protection.Traditional metrics like prevention and detection often pull teams in opposite directions. But what if we focused on reducing actual harm—financial, reputational, and operational?Tune in as we discuss:✅ Why damage offers a unified metric across prevention and detection✅ Real-world examples of high-impact harm—from fake ads to election interference✅ How companies can quantify and prioritize damage✅ Tools and strategies to reduce attacker impact without hurting legitimate users✅ The evolving nature of damage and why it must be continuously reassessedWhether you're a security PM, risk strategist, or tech leader, this episode offers actionable insights into how damage-based thinking can reshape your product strategy and protect your users.🎙️ Subscribe for more deep dives into the world of inverted product management!🔗 Connect with us on LinkedIn and share your thoughts in the comments!Inverted PM LinkedIn Group: https://www.linkedin.com/groups/12902712/Your Inverted Product Manager Podcast hosts:➡️Jeroen Kemperman: https://www.linkedin.com/in/kempermanjjr/➡️Dana Kaufman: https://www.linkedin.com/in/dskaufman/➡️Dario Salice: https://www.linkedin.com/in/dasali/➡️Tom Williamson: https://www.linkedin.com/in/tomdwilliamson/#productmanagement #Cybersecurity #SecurityPM #DamageMetric #FraudPrevention #InvertedPM #RiskManagement #identityprotection Music by: BensoundLicense code: KQNVJHTWQEBEDSEA

🔍 Episode 3: Critical Attacker Journey – The Inverted PM Perspective 🔍

Welcome to Episode 3 of Inverted Product Management Podcast! This time, we take a deep dive into Critical Attacker Journeys, the flip side of traditional user experiences that inverted PMs must navigate to manage security, fraud, and abuse prevention.

Join hosts Dana, Tom, Dario, and Williamson as they break down:

✅ How security teams shift their thinking from user engagement to threat prevention

✅ The phases of an attacker journey – reconnaissance, execution, and post-attack cleanup

✅ Real-world examples of identity protection and account compromise defense

✅ The crucial distinction between reducing friction for users vs. removing attackers

Whether you're a security PM, cybersecurity leader, or fraud prevention strategist, this episode gives actionable insights into shaping defenses and protecting digital ecosystems.

In Podcast #3 we explore the Critical Attacker Journey – The Inverted PM Perspective:

➡️ Introductions

➡️What is an Attacker Journey?

➡️How can you use the Critical Attacker Journey to develop security software?

➡️Advice for new product security people on who to use Attacker Journeys

➡️How can Critical Attacker Journeys be used for security strategy?

➡️ Passkeys and World Passkey Day

Article: If we want a passwordless future, let's get our passkey story straight

https://www.zdnet.com/article/if-we-want-a-passwordless-future-lets-get-our-passkey-story-straight/

🎙️ Subscribe for more expert discussions on the world of inverted product management!

🔗 Connect with us on LinkedIn and share your thoughts in the comments!

Inverted PM LinkedIn Group: https://www.linkedin.com/groups/12902712/

Your Inverted Product Manager Podcast hosts:

- Jeroen Kemperman: https://www.linkedin.com/in/kempermanjjr/

- Dana Kaufman: https://www.linkedin.com/in/dskaufman/

- Dario Salice: https://www.linkedin.com/in/dasali/

- Tom Williamson: https://www.linkedin.com/in/tomdwilliamson/

#ProductManagement #Cybersecurity #SecurityPM #FraudPrevention #InvertedPM #RiskManagement

Music by: Bensound

License code: KQNVJHTWQEBEDSEA

🔍 Episode2: The "Invisible Line" - the measurement of badness in your systems 🔍This podcast series explores topics related to the creation and use of product in the areas of Security, privacy, online safety, infrastructure security etc. We call these people Inverted Product people because the primary goals for these product people are somehow inverted: success is "when nothing happens". There are fundamental differences in metrics, strategies, personas, communication, and road mapping from the ones of “traditional product teams” Join hosts Dana, Tom, Dario, and Williamson as they break down:✅ What is the Invisible Line?✅Can we read into the line going up (catching more badness)?✅What about the line going down (catching less badness)?✅ How should leadership interpret changes in the line?✅ Detection vs Protection - what is your goal?✅ The need for robust detections✅ Difference between the invisible line and visible line✅ How to estimate the invisible line?✅ How do you align your measurements? ✅ Are you evaluating the bad actor influence on your measurements?✅ How much effort are you putting into reporting?✅ What's in the news (Have I Been Pwned attack)➡️ Don't throw stones in a glass house➡️ Never waste a good crisisReferenced article - Troy Hunt of "Have I Been Pwned" blog of the attack: https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/Music by: BensoundLicense code: KQNVJHTWQEBEDSEA

This podcast series explores topics related to the creation and use of product in the areas of Security, privacy, online safety, infrastructure security etc. We call these people Inverted Product people because the primary goals for these product people are somehow inverted: success is "when nothing happens". There are fundamental differences in metrics, strategies, personas, communication, and road mapping from the ones of “traditional product teams” Your hosts on this journey are:- Jeroen Kemperman: https://www.linkedin.com/in/kempermanjjr/- Dana Kaufman: https://www.linkedin.com/in/dskaufman/- Dario Salice: https://www.linkedin.com/in/dasali/- Tom Williamson: https://www.linkedin.com/in/tomdwilliamson/
In Podcast #1 we explore the following topics:- Introductions- What is Inverted Product Management?- Different Users- The Invisible Line- Strategy Decisions in the Inverted Space- Critical User Journeys vs Critical Attacker Journeys- Allowing User Customization of Security features- AI in Identity productsYou can find us at the LinkedIn Inverted Product Manager Group: https://www.linkedin.com/groups/12902712/