Best Attack Surface Management Podcasts (2025)

1
16. Attack Surface Management 101 48:06

25d ago48:06

48:06

This bumper episode of The Dark Dive features no fewer than four co-founders, as the CEO and CTO of Searchlight Cyber (Ben Jones and Gareth Owenson) are joined by their counterparts from the Attack Surface Management company Assetnote (Michael Gianarakis and Shubham Shah). Together, we discuss the background of Assetnote and origins of its founders…

1
Don't Click That! How to Spot Email Attacks Before It's Too Late 26:14

5d ago26:14

26:14

In this episode of Act on Tech, we take a closer look at one of the most common cybersecurity threats: email attacks. From phishing scams to malicious attachments, cybercriminals are getting smarter—and your inbox is their favorite playground. I’ll break down how to recognize suspicious emails, common tactics attackers use, and what steps you can t…

1
Unconventional Paths to Cybersecurity (AKA keeping your Nan Safe From Hackers) 41:25

13d ago41:25

41:25

How can overcoming personal adversity lead to a successful career in cybersecurity? Welcome to Razorwire, the podcast that delves into the world of cybersecurity by sharing the journeys of its most inspiring figures. Join us for a truly heartwarming episode as we welcome Jemma, the brilliant mind behind CultureGem and a passionate champion for secu…

1
Mastering the Art of Communication in InfoSec 42:59

27d ago42:59

42:59

In this latest episode of Razorwire, I sit down with the brilliant Stefania Chaplin to explore the often overlooked yet crucial skill of effective communication in information security. Throughout our conversation, we discuss why communication matters so much in our field, especially during critical moments when tensions run high. Stefania brings h…

1
DIY Home Server Setup – How to Build and Host Your Own Server 25:36

1M ago25:36

25:36

Ever thought about running your own home server? In this episode of Act on Tech, we dive into the world of DIY home servers—why you might want one, what you can do with it, and how to set it up. We’ll cover hardware choices, software options, and best practices for security and performance. Whether you’re looking to self-host cloud storage, run gam…

1
Lock It Down: Password Managers & 2FA Explained 26:48

1M ago26:48

26:48

Are your passwords really keeping you safe? In this episode of Act on Tech, we dive into the world of password management and two-factor authentication (2FA). Learn why weak passwords put you at risk, how password managers can simplify security, and why enabling 2FA is a must for protecting your accounts. Plus, we break down the best 2FA methods an…

1
Spotlight on Technology: Mastering Attack Surface Management 48:45

1M ago48:45

48:45

In our latest episode, join me, James Rees, for a chat with Nick Palmer from Censys about the critical importance of attack surface management. With 25 years of experience in the industry, Nick explains how today's threat landscape has evolved dramatically, with attackers now discovering vulnerabilities within hours rather than weeks. We explore th…

1
Exploring the Deep and Dark Web – What Lies Beneath the Surface 30:47

2M ago30:47

30:47

In this episode of Act on Tech, we dive into the hidden layers of the internet—the Deep Web and the Dark Web. What’s the difference between them? How do they work? And why do they exist? We’ll explore the technology behind these hidden networks, their legitimate and illicit uses, and the security risks involved. Whether you’re curious about privacy…

1
15. Dark Web Threats Against Individuals 48:41

2M ago48:41

48:41

In this episode of The Dark Dive we look at how specific individuals - Executives, VIPs, and high-net worths - are targeted by cybercriminals and on the dark web. Ahead of the launch of their Digital Footprint Review service, NCC Group's Matt Hull joins us to discuss the threats facing individuals - including social engineering and Business Email C…

1
Understanding Zero Trust Security – A Modern Approach to Cybersecurity 26:41

2M ago26:41

26:41

In this episode of Act on Tech, we dive into Zero Trust Security, a modern cybersecurity model that challenges the traditional "trust but verify" approach. We discuss why trust is a vulnerability, how Zero Trust works in practice, and the key principles businesses and individuals can adopt to protect their networks, data, and devices. Whether you'r…

1
AI Data Harvesting - Who Really Owns Your Digital Footprint? 49:46

2M ago49:46

49:46

In this episode of Razorwire, we’re looking into the contentious realm of AI and data privacy. This week, I’m joined by Amy Stokes Waters, CEO of The Cyber Escape Room Company, and Ryan Mangan, a chartered IT professional and Microsoft MVP, to explore the ethical implications of feeding our personal data into AI systems. Join our discussion on rece…

1
VoIP Phone Systems: Enhancing Business Communication 26:16

2M ago26:16

26:16

In this episode of Act on Tech, we explore VoIP (Voice over Internet Protocol) phone systems and how they can transform business communication. We discuss the benefits of VoIP over traditional phone lines, key features businesses should look for, and how to choose the right provider. Whether you're a small business owner or an IT professional, this…

1
Linux 101: A Beginner’s Guide to the Open-Source OS 26:52

2M ago26:52

26:52

In this episode of Act on Tech, we introduce you to Linux, the powerful open-source operating system that’s shaping the future of computing. Whether you’re a beginner or just curious about Linux, we’ll cover what it is, why people use it, and how it compares to other operating systems. We’ll also discuss popular distributions, common use cases, and…

1
Inside Incident Response: Turning Chaos into Cohesive Teamwork 47:29

2M ago47:29

47:29

Our latest episode brings in security expert Iain Pye, who shares military tales with me, your host James Rees, about what really happens when everything goes wrong. We get stuck into the nitty-gritty of incident response - the sleepless nights, the pressure from executives, and how to keep your team going when they're running on fumes. From ransom…

1
14. The Dark Web in 2025 54:11

2M ago54:11

54:11

In the first episode back of the year we've assembled two of Searchlight Cyber's threat intelligence experts to give their take on what we can expect from the dark web in 2025. Louise Ferrett and Luke Donovan say what they think 2024 will be remembered for, choose one news story that might have gone under the radar, and (are forced into) making a p…

1
Backup or Bust: Why Your Data Needs a Safety Net 30:02

3M ago30:02

30:02

In this episode of Act on Tech, we break down the importance of backups and why they are essential for protecting your data. From personal files to critical business information, losing data can be devastating. We’ll cover different backup strategies, cloud vs. local storage, and best practices to keep your information safe. Don’t wait for disaster…

1
How LLMs and DeepSeek Are Changing the Game 27:19

3M ago27:19

27:19

In this episode of Act on Tech, we dive into the world of Large Language Models (LLMs) and explore DeepSeek, a tool that's making waves in the tech space. Learn how AI-powered models are transforming productivity, research, and automation, and discover how DeepSeek fits into the equation. Whether you're a tech enthusiast or a business owner, this e…

1
The Cost of Being a CISO Part 2: Ethics, Leadership and Strategic Impact 50:28

3M ago50:28

50:28

Welcome back to Razorwire! I'm your host, Jim, and in this second part of our CISO Dilemmas series, we welcome back security experts Oliver Rochford and Richard Cassidy. Moving beyond the challenges covered in part one, this episode explores the rewarding aspects of the role while taking a frank look at the ethical issues security leaders regularly…

1
Windows 10 End of Life: What Small Businesses Must Do Now 27:16

3M ago27:16

27:16

Windows 10 is reaching its end of life, and small businesses need to take action to stay secure and compliant. In this episode of Act on Tech, we break down what the Windows 10 end-of-life means, the risks of continuing to use it, and the steps businesses should take to upgrade or transition smoothly. Whether you're considering Windows 11, extended…

1
Introduction to Network Security: Why It Matters 26:51

3M ago26:51

26:51

In this episode of Act on Tech, we explore the fundamentals of network security and why it's essential for individuals and small businesses. Learn how protecting your data, devices, and systems can safeguard your operations from potential cyber threats. We’ll also share practical tips to improve your security posture and how Alex Custom Tech can he…

1
Cybersecurity 2025 – Predictions from the Experts 47:40

3M ago47:40

47:40

Surviving and Thriving in the 2025 Cybersecurity Landscape: Predictions and Strategies Welcome back to Razorwire! Join me, Jim, as we forecast the major trends and changes for 2025 that are set to reshape the cybersecurity industry. Joining me are cyber veterans and regular guests Oliver Rochford and Richard Cassidy. As cybersecurity becomes increa…

1
Wireless Mesh Networks Expanding Your Connectivity 25:45

3M ago25:45

25:45

In this episode of Act on Tech, we explore the power of wireless mesh networks. Discover what they are, how they work, and why they’re a game-changer for seamless internet coverage at home or in your business. Tune in to learn how to eliminate dead zones and stay connected like never before! Send us a text Stay tuned for more insights on how to lev…

1
VPNs Explained Protecting Your Data at Home and Work 25:45

4M ago25:45

25:45

In this episode of Act on Tech, we dive into Virtual Private Networks (VPNs). Learn what a VPN really is, how it works, and the ways it can enhance security for both personal and business use. Whether you're safeguarding your online privacy or securing your company's sensitive data, this episode has you covered! Send us a text Stay tuned for more i…

1
Supercharge Your Security Budget in 2025: Smarter Investments, Stronger Defence 48:39

4M ago48:39

48:39

Ever wonder how to get the most out of your cybersecurity budget without leaving your company vulnerable? Hey there, it’s Jim from Razorwire! In this episode, I sit down with cybersecurity pros Chris Dawson and Iain Pye to chat about smart spending when it comes to your cybersecurity budget. Whether you’re a big enterprise with a hefty budget or a …

1
"AI Unveiled: Understanding and Embracing the Future" 25:46

4M ago25:46

25:46

In this inaugural episode of Act on Tech, we explore the world of Artificial Intelligence. What is AI, and how does it work? More importantly, why should we embrace its potential rather than fear it? Join me as we separate fact from fiction and discuss how AI can empower us to be more productive in our personal and professional lives. Send us a tex…

1
13. Infostealers on the Dark Web 55:21

4M ago55:21

55:21

In this episode of The Dark Dive we're looking at a particular type of malware called Information Stealers or "infostealers". This malware is designed to (you guessed it!) steal information from infected devices. Threat Intelligence Engineers Rob Fitzsimons and Joe Honey discuss exactly how infostealers work, why this malware has become so prolific…

1
The Cost of Being A CISO Part 1: Personal, Professional & Organisational Challenges 58:38

5M ago58:38

58:38

Join us for part one of our two-part series examining the world of Chief Information Security Officers. This episode welcomes back Richard Cassidy, Field CISO at Rubrik, and Oliver Rochford, former Gartner analyst and founder of Cyberfuturist. This episode offers insights that will give you insight into what makes security leadership successful - a…

1
12. Encrypted Communication Apps: From Telegram to EncroChat 41:36

5M ago41:36

41:36

This episode of The Dark Dive focuses on encrypted communication apps, including Telegram, Tox, Signal, Session, and Jabber. While not strictly speaking part of the "dark web", these apps are used by the same criminals to perpetrate many of the same crimes. We start with the "mainstream", taking a close look at the popular messaging app Telegram in…

1
Humans vs AI: Building a Security Culture That Actually Works with Noora Ahmed-Moshe 49:14

5M ago49:14

49:14

As AI reshapes cybersecurity threats, understanding how scams are evolving has never been more critical. Welcome to Razorwire. I'm Jim, and today I'm talking with Noora Ahmed-Moshe, VP of Strategy and Operations at Hoxhunt. We'll explore how AI is transforming cybersecurity threats and what that means for protecting ourselves and our organisations.…

1
Mental Health, Organisational Culture & The Human Side of Cybersecurity 40:32

6M ago40:32

40:32

Are layoffs increasing your cybersecurity risk and driving your team to burnout? This episode looks into the psychological underpinnings of infosec to navigate turbulent times at work. Welcome to Razorwire, the podcast that cuts through the complexities of information security with sharp insights and expert discussions. In this episode, I’m joined …

1
Insider Threats & Third Party Risk: How to Manage Security Threats 44:58

6M ago44:58

44:58

Every vendor you trust and every employee you hire could be your next security crisis—explore the realities of third party risk and insider threats on this episode of Razorwire! Join us for a discussion on the multifaceted challenges of third party risk and how they can destabilise your organisation. From the growing complexities of cloud providers…

1
11. Responding to a Cyberattack 47:04

6M ago47:04

47:04

In this episode of The Dark Dive we're joined by incident response heavyweight Caleb Barlow (former head of IBM X-Force and now CEO of Cyberbit) and Searchlight Cyber's Head of Threat Intelligence Luke Donovan to discuss the best ways to respond to a cyberattack. Caleb and Luke share war stories, talk about what progress has been made in the cybers…

1
How to Optimise Your GRC Tools 43:36

6M ago43:36

43:36

How to Optimise Your GRC Tools Improving Value, Efficiency & True Risk Management Are your GRC tools really managing risk, or just creating noise? Welcome to the latest episode of Razorwire, where we cut through the complexities of the cybersecurity world to deliver actionable insights. I'm your host, Jim, and in this episode, we're discussing the …

1
Maximizing Security Outcomes: The Role of ASM in Bug Bounty Programs 37:44

7M ago37:44

37:44

Running an effective bug bounty program requires balancing an attractive scope and payout to hunters with an attack surface that challenges hunters to do more than automated scans. Program managers want to pay for skillful findings, not automated ones. In this episode, we talk about how ASM helps optimize your bug bounty program.…

1
Internet-Wide Recon: Moving Past IP-Centric Approaches 27:16

7M ago27:16

27:16

In this episode, we discuss the blindspots of IP-centric approaches to asset discovery and the importance of understanding the full attack surface of an organization. We unpack the challenges posed by modern cloud architectures, load balancers, and WAFs, and how these can create blind spots in reconnaissance efforts. We also highlight the significa…

1
Navigating Mental Health, Narcissism & Burnout in Cybersecurity with Lisa Ventura MBE 40:52

7M ago40:52

40:52

Welcome to Razorwire, the podcast where I, James Rees, cover the cybersecurity topics that matter with expert guests from across the industry. We aim to help cybersecurity professionals enhance their skills, improve their work performance, and boost their overall quality of life in this demanding field. The illustrious Lisa Ventura, MBE, award winn…

1
Beyond Shadow IT: Understanding the True Attack Surface of Your Software 45:18

7M ago45:18

45:18

This week's episode dives deep into the concept of shadow exposure and how it relates to third-party software, often overlooked in discussions about shadow IT. We explore the historical context of shadow IT, its evolution, and the real risks associated with widely deployed enterprise software that organizations may not fully understand. Join us as …

1
10. The Correlation Between Dark Web Exposure and Cybersecurity Risk 48:11

7M ago48:11

48:11

Can you quantify the risk the dark web poses to organizations? In this episode of the podcast, we discuss a landmark study that has tried to do just that. We're joined by Scott Stransky, Managing Director and Head of the Marsh McLennan Cyber Risk Intelligence Center and Ben Jones, CEO of Searchlight Cyber and Scott unravel the findings of the repor…

1
ChatGPT vs Cyber Threats: The REAL Role of AI in Cybersecurity 56:56

7M ago56:56

56:56

Unlock the truth about using Large Language Models (LLMs) in cybersecurity - are they the next big thing or just another trend? In this episode of Razorwire, your host, James Rees, brings together cybersecurity expert Richard Cassidy and data scientist Josh Neil to talk about the use of AI and large language models (LLMs) in cybersecurity and their…

1
The Art of Recon: Strategies for Modern Asset Discovery 48:51

8M ago48:51

48:51

Today, we explore the world of asset discovery and reconnaissance, particularly how these practices have evolved over time. Historically, discussions around reconnaissance have been overly simplistic and tool-centric, often focusing solely on the latest tools rather than the underlying principles and methodologies. Join us as we break down our appr…

1
The Unknown Complexities of DNS Resolution 37:59

8M ago37:59

37:59

In this episode, we dive into the technical complexities of DNS resolution in the context of ASM asset discovery. Join us as we discuss the challenges, implications, and solutions we have encountered while dealing with DNS resolution at scale. From DNS wildcards to security scanning considerations, we explore the importance of DNS data and its role…

1
DORA & NIS2: The Cybersecurity Regulation Revolution 50:43

8M ago50:43

50:43

Are you ready for DORA and NIS2? Discover how these regulations could transform your security strategy! Welcome back to another episode of Razorwire! Today we unpack the DORA and NIS2 regulations with esteemed cybersecurity expert Richard Cassidy. I’m your host, Jim Rees, and I’ll be guiding the conversation for anyone navigating the evolving lands…

1
Confusion in the ASM Market 47:30

8M ago47:30

47:30

There's a lot of confusion in the ASM (Attack Surface Management) market. Today we discuss the core principles of ASM, the challenges of building and maintaining an effective ASM system, and the importance of safety and accuracy in external attack surface scanning. We share insights on the differences between asset discovery and exposure management…

1
Uncovering Critical Vulnerabilities in Magento: A Deep Dive 41:03

8M ago41:03

41:03

Today, co-hosts Michael and Shubs reflect on the six-year milestone of Assetnote and do a deep dive into a critical Magento bug. They explore the importance of proactive and reactive security research, the limitations of traditional vulnerability scoring systems like CVSS and EPSS, and the significance of understanding exploitability in assessing v…

1
Contextual Security and Beyond: The Future of Cybersecurity 47:45

8M ago47:45

47:45

Welcome back to Razorwire! I'm Jim, your host, and joining me today are cybersecurity experts Richard Cassidy and Oliver Rochford. Following on from our last episode of Razorwire, where Oliver and I discussed the key issues that cyber professionals need to focus on in 2024, this episode centres on key takeaways from recent security conferences, par…

1
What is "True" Attack Surface Management (ASM)? 52:46

9M ago52:46

52:46

Today we look at Attack Surface Management (ASM) with a focus on what true ASM entails. Join us as we discuss the core principles of ASM, the importance of understanding real exposure on your attack surface, and the role of security research in identifying vulnerabilities beyond known CVEs. Discover how our team at Assetnote pioneers a new approach…

1
The Untold Story of Assetnote: Origins and Evolution 57:19

9M ago57:19

57:19

In this podcast episode, Michael and Shubs explore the background and evolution of Assetnote, a pioneering Attack Surface Management platform. They discuss the company's origins, the challenges faced in its early days, and the strategic decisions that established it in the market. They discuss the importance of speed and scale and the value of auto…

1
A Deep Dive into Three ServiceNow Vulnerabilities (with Adam Kues) 39:42

9M ago39:42

39:42

Over the last decade, ServiceNow has been deployed readily across enterprises. With its growing popularity, combined with the lack of visibility organizations have on its security posture, at Assetnote, we worked hard to discover vulnerabilities in the ServiceNow platform. Assetnote Security Researcher, Adam Kues, spent over a month finding an expl…

1
Chaining Three Bugs to Access All Your ServiceNow Data (Live Q&A) 29:41

9M ago29:41

29:41

On May 14th, 2024, we disclosed a chain of vulnerabilities to ServiceNow, resulting in 3 new CVEs. This series of security issues affected all Vancouver and Washington ServiceNow instances (around 42,000 globally), allowing an attacker to execute code on the instance. In this live Q&A, Assetnote security researcher Adam Kues explains his approach t…

1
Top Cybersecurity Priorities for 2024 48:52

9M ago48:52

48:52

Welcome to Razorwire, the podcast that cuts through the noise of the information security industry. I'm your host, Jim, and today we're talking a look at the state of the infosec industry so far in 2024 with our guest, Oliver Rochford. If you're a cybersecurity professional taking on the evolving threats and challenges of our field, you won't want …

Podcasts Worth a Listen

Attack Surface Management Podcasts

Podcasts Worth a Listen

Quick Reference Guide