エピソード

  • DARPA’s Andrew Carney on AIxCC’s quest for truly autonomous AI

    DARPA’s Andrew Carney on AIxCC’s quest for truly autonomous AI
    2025/06/26
    Greg Otto talks with Andrew Carney, project manager at DARPA, about the AIxCC competition. With the finals set to be held in August during DEF CON, they discuss how these autonomous systems fared in detecting and remediating vulnerabilities, as well as the key lessons learned from live exercises and the semifinals. The conversation highlights DARPA's vision to merge formal software engineering with large language models to dramatically reduce software vulnerabilities and explains the scientific and engineering advances still needed to achieve this goal at scale. We also examine the challenges of safeguarding critical infrastructure, particularly when so much depends on open-source projects maintained by volunteers, and consider the impact of AI on patch deployment, code verification, and sustainable defense. In the reporter chat, Greg talks with Matt Kapko about a story debunking the 16 billion password hack.
    続きを読む 一部表示
    52 分
  • RSA CEO Rohit Ghai on the promise and peril of passkeys

    RSA CEO Rohit Ghai on the promise and peril of passkeys
    2025/06/12
    Greg Otto talks with RSA CEO Rohit Ghai on the global shift toward passkeys and passwordless authentication. Together, they explore pressing issues including the differences between consumer and enterprise solutions, infrastructure vulnerabilities, regulatory challenges, and how emerging threats are evolving as passwordless adoption accelerates. The discussion also covers the complexities practitioners face as they navigate credential transitions in a rapidly changing security landscape. In the reporter chat, Greg talks with Matt Kapko about the attack on a top grocery distributor in the United States.
    続きを読む 一部表示
    41 分
  • MIND’s Eran Barak

    MIND’s Eran Barak
    2025/06/05
    Greg Otto talks with Eran Barak, CEO and co-founder of MIND, on the dramatic rise of insider threats in cybersecurity, exploring recent high-profile cases and the factors fueling this surge. He discusses which industries and data types are most at risk, how insider tactics have evolved, and practical strategies for organizations to detect and prevent internal threats. In our reporter chat, Greg talks with Derek Johnson on how vibe coding can be secure as it grows into a practice that software developers rely on for their work. LINK: https://cyberscoop.com/vibe-coding-ai-cybersecurity-llm/
    続きを読む 一部表示
    34 分
  • Bishop Fox’s Rob Ragan and Iron Man Suit for pen testers

    Bishop Fox’s Rob Ragan and Iron Man Suit for pen testers
    2025/05/29
    Greg Otto talks with Rob Ragan, Principal Technology Strategist at Bishop Fox, as he shares his vision of building an “Iron Man suit” for human security testers that is shaping how AI is used in offensive cybersecurity. Rob dives into lessons learned from developing adaptive AI tools, the unique challenges and risks facing modern AI systems, and effective strategies for safeguarding against adversarial attacks and data leakage. Discover how ethical frameworks, innovation, and industry collaboration can drive responsible offensive security, what organizations often get wrong about AI threats, and what’s needed to secure the future as AI transforms the cybersecurity landscape. In our reporter chat, Greg Otto talks with Matt Kapko about a new wave of zero-days impacting Ivanti products.
    続きを読む 一部表示
    30 分
  • Olivia Rose on why the CISO role may not be the pinnacle of security work

    Olivia Rose on why the CISO role may not be the pinnacle of security work
    2025/05/22
    In this episode, Greg sits down with Olivia Rose, Founder and CISO of the Rose CISO Group, to talk about her role in "CISO: The Worst Job I Ever Wanted," a groundbreaking cybersecurity docuseries that reveals the real experiences of Chief Information Security Officers. This podcast uncovers the pressures, sleepless nights, and personal sacrifices these leaders endure while making critical decisions and shouldering the responsibility of defending the digital world. Through honest and compelling stories, listeners gain a rare glimpse into the human side of one of the most challenging and misunderstood roles in technology. In our reporter chat, Greg Otto talks with Derek Johnson and Tim Starks about their deep dives into why Salt Typhoon may never be out of U.S. telecom systems.
    続きを読む 一部表示
    45 分
  • Semperis CEO Mickey Bresman on the power of tabletop exercises

    Semperis CEO Mickey Bresman on the power of tabletop exercises
    2025/05/15
    In this episode, Greg sits down with Semperis CEO Mickey Bresman to explore how organizations can proactively prepare for cyber crises before they strike. The conversation centers on the power of tabletop exercises—simulated attack scenarios that test response plans, reveal hidden vulnerabilities, and build muscle memory across teams. Together, Greg and Mickey discuss why preparation is far more than a technical checklist, how effective tabletop exercises bridge the gap between policy and real-world action, and what practical steps leaders can take to protect their organizations from the inside out. In our reporter chat, Greg Otto talks with Cynthia Brumfield about the future of the CVE program.
    続きを読む 一部表示
    35 分
  • Expel CEO Dave Merkel on the impact of AI & Automation in modern SOCs

    Expel CEO Dave Merkel on the impact of AI & Automation in modern SOCs
    2025/05/08
    In this episode, we sit down with Dave Merkel, CEO of Expel to take an honest, practical look at how AI and automation are reshaping the modern Security Operations Center (SOC). Our discussion covers the most tangible changes in daily SOC operations since AI adoption, cutting through industry hype to reveal which claims deserve skepticism and which use cases have delivered meaningful, measurable value. Dave also gives insights into quantifying unique workloads, shaping policies, and fostering understanding between tech teams and business leaders are also addressed, along with the unintended risks AI can introduce to analyst workflows. In our reporter chat, Greg Otto talks with Tim Starks about a jury verdict that compels NSO Group to pay $168M in damages to WhatsApp over spyware infections.
    続きを読む 一部表示
    32 分
  • Recorded Future’s Alexander Leslie on the ‘MarkoPolo’ traffer team

    Recorded Future’s Alexander Leslie on the ‘MarkoPolo’ traffer team
    2025/05/01
    In this episode, Greg talks with Alexander Leslie, Threat Intelligence Analyst for Recorded Future’s Insikt Group and his research on “Marko Polo” – a notorious cybercriminal empire that orchestrates an array of scams, primarily using infostealer malware. Discover how this sophisticated syndicate has victimized tens of thousands worldwide and raked in millions in illicit revenue. Our guest breaks down the inner workings of these elusive "traffer teams," exploring their adaptable tactics, relentless persistence, and the insidious underground economy they fuel. Greg Otto breaks down his biggest takeaways from the RSAC 2025 Conference.
    続きを読む 一部表示
    33 分