Best SecurityWeek Podcasts (2025)

1
Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More... - SWN #503 35:09

3d ago35:09

35:09

Creepy chatbots, Fortinet, CISA, Agentic AI, FIDO, EDR, Aaran Leyland, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-503

1
Hackberry PIs and Other Hacker Things - PSW #887 2:08:42

4d ago2:08:42

2:08:42

We kick things off with a deep dive into the Hackberry PI and how to build one. Then in the security news: Will Perplexity buy Chrome? ESP32 Bus Pirates Poisoned telemetry Docker image security Fully Open Source Quantum Sensors Securing your car, Flippers, and show me the money Bringing your printer and desktop to Starbucks Paying a ransom? You nee…

1
Defending Trust & Reputation as CISOs and Leaders Prepare Their AI Strategy - Santosh Nair - BSW #408 50:05

5d ago50:05

50:05

As brands grow more digital, the threats grow more personal. Attackers impersonate executives, spin up fake websites, and leak sensitive data — hurting business reputations and breaking customer trust. How do you defend your organization's reputation and customers' trust? Santosh Nair, Co-Founder and CTO at Styx Intelligence, joins Business Securit…

1
300 Baud, Buddy Hackett Nudes, Dell, badUSB, Exchange, Erlang/OTP, Josh Marpet... - SWN #502 34:14

6d ago34:14

34:14

300 Baud, Buddy Hackett Nudes, Dell, badUSB, Exchange, Erlang/OTP, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-502

1
The Future of Supply Chain Security - Janet Worthington - ASW #343 42:13

6d ago42:13

42:13

Open source software is a massive contribution that provides everything from foundational frameworks to tiny single-purpose libraries. We walk through the dimensions of trust and provenance in the software supply chain with Janet Worthington. And we discuss how even with new code generated by LLMs and new terms like slopsquatting, a lot of the most…

1
Reimagining Security Operations: SOC as a Service and the Role of AI - Kevin Nikkhoo - CSP #215 28:26

7d ago28:26

28:26

1
ESW at BlackHat and the weekly enterprise security news - ESW #419 45:44

7d ago45:44

45:44

Topic Segment - What's new at Black Hat? We're coming live from hacker summer camp 2025, so it seemed appropriate to share what we've seen and heard so far at this year's event. Adrian's on vacation, so this episode is featuring Jackie McGuire and Ayman Elsawah! News Segment Then, in the enterprise security news, Tons of funding! SentinelOne picks …

1
SonicWall, Informants Exposed, Cisco Vishing, Perplexity, GPT‑5, Josh Marpet–SWN #501 - SWN #501 34:23

10d ago34:23

34:23

Hello and welcome to security weekly news, episode 501, on Aug 8, 2025. This week we have, SonicWall, Confidential Informants Exposed, Cisco Vishing, Perplexity vs robots.txt, Microsoft’s Project Ire, Meta–Flo Jury Verdict, GPT‑5 Lands, TeaOnHer Data Leak, Josh Marpet, and more on the Security Weekly News.. Show Notes: https://securityweekly.com/sw…

1
Devices Are Attacking - PSW #886 2:08:14

11d ago2:08:14

2:08:14

Why should hate AI When firmware attacks The 300 second breach Old ways still work, AI might help And so begins the crawler wars Turn off your SonicWall VPN Your Pie may be wrapped in PII Attackers will find a way Signed kernel drivers D-Link on the KEV Rasperry PIs attack Stealthy LoRa LLM's don't commit code, people do Jame's Bond style rescue wi…

1
Say Easy, Do Hard - AI Governance in the Supply Chain - Nick Mistry, Richard Bird - BSW #407 54:55

12d ago54:55

54:55

Recent findings of AI ecosystem insecurities and attacks show the importance of needing AI governance in the supply chain. And this supply chain is rapidly expanding to include not only open-source software but also collaborative platforms where custom models, agents, prompts, and other AI resources are used. And with this expansion of third-party …

1
MFA Bypass, SonicWall, BIOS Shade, Sex Toys, FBI Warning, Claude v GPT-5, Josh Marpet - SWN #500 32:30

13d ago32:30

32:30

MFA Bypass, SonicWall, BIOS Shade, Sex Toys, FBI Warnings, Claude vs GPT-5, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-500

1
Uniting software development and application security - Jonathan Schneider, Will Vandevanter - ASW #342 58:07

13d ago58:07

58:07

Maintaining code is a lot more than keeping dependencies up to date. It involved everything from keeping old code running to changing frameworks to even changing implementation languages. Jonathan Schneider talks about the engineering considerations of refactoring and rewriting code, why code maintenance is important to appsec, and how to build con…

1
Weekly Enterprise Security News and Tips on Building Security From Day 1 - Guillaume Ross - ESW #418 1:45:52

14d ago1:45:52

1:45:52

The Weekly Enterprise News (segments 1 and 2) This week, we’ve had to make some last minute adjustments, so we’re going to do the news first, split into two segments. This week, we’re discussing: Some interesting funding Two acquisitions - one picked up for $250M, the other slightly larger, at $25 BILLION Interesting new companies! On the 1 year an…

1
Pipes, Thorium, Excel, ATM Hillbilly Cannibal Attack, Lambdas, AIs, Aaran Leyland - SWN #499 35:55

17d ago35:55

35:55

Pipes, Thorium, Excel, Weird Ports, ATM Hillbilly Cannibal Attack, Lambdas, National Guard, AIs, Aaran Leyland, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-499

1
Hacking Washing Machines - PSW #885 1:58:07

18d ago1:58:07

1:58:07

In the security news: Hacking washing machines, good clean fun! Hacking cars via Bluetooth More Bluetooth hacking with Breaktooth Making old vulnerabilities great again: exploiting abandoned hardware Clorox and Cognizant point fingers AI generated Linux malware Attacking Russian airports When user verification data leaks Turns out you CAN steal car…

1
Aligning Security Objectives, Ditch the Ego, Lead for Real and Succeed - BSW #406 29:45

19d ago29:45

29:45

In the leadership and communications section, The CISO code of conduct: Ditch the ego, lead for real, The books shaping today’s cybersecurity leaders, How to Succeed in Your Career When Change Is a Constant, and more! Show Notes: https://securityweekly.com/bsw-406

1
Popup Porn, LoveSense, Tea, Fire Ant, Scatterede Spider, AI Pricing, Josh Marpet... - SWN #498 31:06

20d ago31:06

31:06

Popup Porn, LoveSense, Tea, Fire Ant, Scatterede Spider, AI Pricing, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-498

1
How Product-Led Security Leads to Paved Roads - Julia Knecht - ASW #341 1:04:11

20d ago1:04:11

1:04:11

A successful strategy in appsec is to build platforms with defaults and designs that ease the burden of security choices for developers. But there's an important difference between expecting (or requiring!) developers to use a platform and building a platform that developers embrace. Julia Knecht shares her experience in building platforms with an …

1
tj-actions Lessons Learned, US Cyber Offense, this week's enterprise security news - Dimitri Stiliadis - ESW #417 1:42:01

21d ago1:42:01

1:42:01

Interview Segment - Lessons Learned from the tj-actions GitHub Action Supply Chain Attack with Dimitri Stiliadis Breach analysis is one of my favorite topics to dive into and I’m thrilled Dimitri is joining us today to reveal some of the insights he’s pulled out of this GitHub Actions incident. It isn’t an overstatement to say that some of the less…

1
Total Recall, Steam, Storm-2063, Unmarker, Altair, Josh Marpet, and More... - SWN #497 33:07

24d ago33:07

33:07

Total Recall, Steam, Storm-2063, Unmarker, Altair, Josh Marpet, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-497

1
Protecting G-Suite/MS365 and Security News - Abhishek Agrawal - PSW #884 2:11:14

25d ago2:11:14

2:11:14

We chat with Material Security about protecting G Suite and MS365. How else are you monitoring the most commonly used cloud environments and applications? In the security news: Google Sues Badbox operators Authenticated or Unauthenticated, big difference and my struggle to get LLMs to create exploits for me Ring cameras that were not hacked Malicou…

1
Getting Consensus as a CISO, While Calculating Cybersecurity ROI and Building a Team - Khaja Ahmed - BSW #405 1:03:11

26d ago1:03:11

1:03:11

How do we get security right? The answer varies by many factors, including industry, what you're trying to protect, and what the C Suite and Board care about. Khaja Ahmed, Advisor at CISO Forum, joins Business Security Weekly to discuss how to get consensus on your security program. CISOs, executives, and the Board need to be aligned on the risks a…

1
Donatello, SharePoint, CrushFTP, WordPress, Replit, AllaKore, Rob Allen, and more... - Rob Allen - SWN #496 41:57

27d ago41:57

41:57

Donatello, SharePoint, CrushFTP, WordPress, Replit, AllaKore, Rob Allen, and more on the Security Weekly News. Segment Resources: https://www.darkreading.com/threat-intelligence/matanbuchus-loader-ransomware-infections This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Show Notes: http…

1
Rise of Compromised LLMs - Sohrob Kazerounian - ASW #340 1:06:35

27d ago1:06:35

1:06:35

AI is more than LLMs. Machine learning algorithms have been part of infosec solutions for a long time. For appsec practitioners, a key concern is always going to be how to evaluate the security of software or a system. In some cases, it doesn't matter if a human or an LLM generated code -- the code needs to be reviewed for common flaws and design p…

1
The Cyber Canon, ditching the SOC 2, and the weekly enterprise news - Helen Patton - ESW #416 1:49:28

28d ago1:49:28

1:49:28

1
Existential Dread, MCP, Cloudflare, ESXI, QR Codes, Salt Typhoon, Aaran Leyland... - SWN #495 33:42

1M ago33:42

33:42

Existential Dread and Seawater, MCP, Cloudflare, ESxi, QR Codes, Salt Typhoon, Aaran Leyland, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-495

1
Hackers On A Train - PSW #883 2:02:07

1M ago2:02:07

2:02:07

In the security news: The train is leaving the station, or is it? The hypervisor will protect you, maybe The best thing about Flippers are the clones Also, the Flipper Zero as an interrogation tool Threats are commercial and open-source Who is still down with FTP? AI bug hunters Firmware for Russian drones Merging Android and ChromOS Protecting you…

1
Minimize SAP Migration Challenges, Cybersecurity Maturity, and Radical Transparency - Christopher Carter - BSW #404 58:31

1M ago58:31

58:31

Are you running SAP? The clock is ticking... Standard maintenance end-of-life is set for the end of 2027. Migration to S/4HANA must be completed by then (or 2030 if you buy into SAP’s special three-year reprieve). While that may appear to be enough time, companies currently working toward an S/4HANA transition are finding the journey challenging, a…

1
AI meltdowns, Gigabyte, NCSC, Rowhammer, Gravity Form, Grok, AsyncRat, Josh Marpet... - SWN #494 30:02

1M ago30:02

30:02

AI meltdowns, Gigabyte, NCSC, Rowhammer, Gravity Form, Grok, AsyncRat, Josh Marpet and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-494

1
Getting Started with Security Basics on the Way to Finding a Specialization - ASW #339 1:07:50

1M ago1:07:50

1:07:50

What are some appsec basics? There's no monolithic appsec role. Broadly speaking, appsec tends to branch into engineering or compliance paths, each with different areas of focus despite having shared vocabularies and the (hopefully!) shared goal of protecting software, data, and users. The better question is, "What do you want to secure?" We discus…

1
From Diagram to Cloud: Rethinking Cloud Security in an Age of Uncertainty - Yogita Parulekar - CSP #214 34:39

1M ago34:39

34:39

From Diagram to Cloud: Rethinking Cloud Security in an Age of Uncertainty Episode Summary: In this month’s episode of CISO Stories, we dive deep into cloud security with cybersecurity veteran and cloud innovator Yogi Parulekar, founder of InviGrid. Against a backdrop of rising geopolitical tensions and tightening budgets, we explore how organizatio…

1
Monzy Merza, How Much AI is Too Much, and the Weekly News - Monzy Merza - ESW #415 1:43:41

1M ago1:43:41

1:43:41

Segment 1: Interview with Monzy Merza - There is a Right and Wrong Way to use AI in the SOC In the rush to score AI funding dollars, a lot of startups build a basic wrapper around existing generative AI services like those offered by OpenAI and Anthropic. As a result, these services are expensive, and don't satisfy many security operations teams' p…

1
Tapjacking, ZuChe, PerfektBlue, McHacking, OT in the IT, Add Ons, Josh Marpet... - SWN #493 33:42

1M ago33:42

33:42

Tapjacking, ZuChe, PerfektBlue, McHacking, OT in the IT, Add Ons, Josh Marpet, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-493

1
Citrixbleed 2, Hardware Hacking, and Failed Bans - PSW #882 2:06:05

1M ago2:06:05

2:06:05

This week in the security news: Citrixbleed 2 and so many failures Ruckus leads the way on how not to handle vulnerabilities When you have no egress Applocker bypass So you bought earbuds from TikTok More gadgets and the crazy radio Cheap drones and android apps Best Mario Kart controller ever VSCode: You're forked Bluetooth earbuds and vulnerabili…

1
SolarWinds Settlement, Upgrade Your Leadership Instincts to Build Your Legacy - BSW #403 51:58

1M ago51:58

51:58

SEC settles with SolarWinds. We react! In the leadership and communications section, The Skills and Habits Aspiring CEOs Need to Build, Why People Really Quit — And How Great Managers Make Them Want to Stay, The Small Actions That Become Your Legacy, and more! Show Notes: https://securityweekly.com/bsw-403…

1
Spying on your kids, Bank Robberies, Qantas, LOTL, sudo, Hunters, Aaran Leyland... - SWN #492 33:25

1M ago33:25

33:25

Spying on your kids, Bank Robberies, Qantas, LOTL, sudo, Hunters, Aaran Leyland, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-492

1
Checking in on the State of Appsec in 2025 - Sandy Carielli, Janet Worthington - ASW #338 1:07:15

1M ago1:07:15

1:07:15

Appsec still deals with ancient vulns like SQL injection and XSS. And now LLMs are generating code along side humans. Sandy Carielli and Janet Worthington join us once again to discuss what all this new code means for appsec practices. On a positive note, the prevalence of those ancient vulns seems to be diminishing, but the rising use of LLMs is e…

1
Identity, AI & Access: Highlights from Identiverse 2025 - Treb Ryan, Sagi Rodin, Amir Ofek, Artyom Poghosyan, Ajay Amlani, Ajay Gupta - ESW #414 1:49:38

1M ago1:49:38

1:49:38

Single Sign On (SSO) and Multi Factor Authentication (MFA) is critical to secure operations for companies of all sizes. Why is the foundation of cybersecurity still locked behind enterprise licensing? Single Sign-On (SSO) and Multi-Factor Authentication (MFA) are essential—not optional—for protecting modern businesses. But today, these critical too…

1
North Korea, ransomware, social engineering, AI, Apple, Drugs & Iran - SWN #491 28:50

1M ago28:50

28:50

North Korea, ransomware, social engineering, AI, Apple, Drugs & Iran on this edition of the Security Weekly News! Show Notes: https://securityweekly.com/swn-491

1
Exploring Meshtastic and LoRa Mesh Networks - Rob Allen - PSW #881 1:08:13

2M ago1:08:13

1:08:13

This week, we dive into the world of Meshtastic and LoRa—two technologies empowering secure, long-range, and infrastructure-free communication. We'll talk about the origins of Meshtastic, how LoRa radio works, and why mesh networking is revolutionizing off-grid messaging for adventurers, hackers, emergency responders, and privacy advocates alike. W…

1
The Value of Zero Trust - Rob Allen - BSW #402 32:29

2M ago32:29

32:29

New research estimates the value of Zero Trust. Using the Marsh McLennan Cyber Risk Intelligence Center’s proprietary cyber losses dataset from the past eight years, researchers estimated that overall cyber losses could have been potentially reduced by up to 31% had the organizations widely deployed zero-trust security. This adds up to a projected …

1
Sony, Scattered Spider, Hikvision, Cybercrime, Iran, BSODs, Cloudflare, Josh Marpet.. - SWN #490 31:11

2M ago31:11

31:11

Sony, Scattered Spider, Hikvision, Cybercrime, Iran, BSODs, Cloudflare, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-490

1
Simple Patterns for Complex Secure Code Reviews - Louis Nyffenegger - ASW #337 38:26

2M ago38:26

38:26

Manual secure code reviews can be tedious and time intensive if you're just going through checklists. There's plenty of room for linters and compilers and all the grep-like tools to find flaws. Louis Nyffenegger describes the steps of a successful code review process. It's a process that starts with understanding code, which can even benefit from a…

1
The Illusion of Control: Shadow IT, SSO Shortcomings, and the True Path to Security - Dave Lewis - ESW #413 1:52:05

2M ago1:52:05

1:52:05

Interview with Dave Lewis Organizations believe they have a firm grip on security with SSO and corporate IT policies, but in reality, shadow IT lurks in the background—expanding attack surfaces and exposing sensitive data. Employees bypass security controls for the sake of convenience, while SSO fails to provide the comprehensive security net organ…

1
Broadcom, Direct Send, N0auth, UNFI, Cisco, Oneclik, Russ Beauchemin, and more... - SWN #489 31:28

2M ago31:28

31:28

Broadcom is coming for you, Direct Send, N0auth, UNFI, Cisco, Oneclik, Russ Beauchemin, and More on this episode of the Security Weekly News. Show Notes: https://securityweekly.com/swn-489

1
Is Vuln Management Dead? - HD Moore - PSW #880 2:16:08

2M ago2:16:08

2:16:08

This conversation explores the intersection of cybersecurity and emerging technologies, focusing on innovative hacking techniques, the evolution of vulnerability management, and the critical importance of asset discovery. The discussion also delves into the implications of cyber warfare, the persistent threat of default passwords, and the integrati…

1
Thriving Through Volatility: Insights for CISOs - Jeff Pollard, Pejman (Pej) Roshan, Deepen Desai - BSW #401 1:05:24

2M ago1:05:24

1:05:24

In this episode, Mandy Logan, Summer Craze Fowler, Jason Albuquerque, and Jeff Pollard of Forrester discuss the challenges and strategies for CISOs in navigating volatility in the security landscape. They emphasize the importance of building relationships within the organization, particularly with the CFO, to manage budgets effectively. The convers…

1
The Rise of Malware: Salt Typhoon and Spark Kitty - SWN #488 35:37

2M ago35:37

35:37

In this episode of Security Weekly News, Doug White discusses various cybersecurity threats, including the Salt Typhoon and Spark Kitty malware, the implications of Microsoft's decision to drop support for old hardware drivers, and the potential increase in cyber threats from Iran. The conversation also covers the alarming 16 billion password leak …

1
How Fuzzing Barcodes Raises the Bar for Secure Code - Artur Cygan - ASW #336 1:01:18

2M ago1:01:18

1:01:18

Fuzzing has been one of the most successful ways to improve software quality. And it demonstrates how improving software quality improves security. Artur Cygan shares his experience in building and applying fuzzers to barcode scanners, smart contracts, and just about any code you can imagine. We go through the useful relationship between unit tests…

1
Rethinking Identity: IAM, PAM & Passwordless Trends from Identiverse - Chip Hughes, Ashley Stevenson, John Pritchard, Amit Masand, Matt Caulfield, David Lee - ESW #412 1:38:23

2M ago1:38:23

1:38:23

In fast-paced, shared device environments like healthcare, manufacturing, and other critical industries, traditional access management approaches are falling short, quietly eroding both security and productivity. This episode explores how outdated methods, like shared credentials and clunky logins, create friction, increase risk, and undermine comp…

Podcasts Worth a Listen

SecurityWeek Podcasts

Podcasts Worth a Listen

Quick Reference Guide