Best Josh and Jack Muller Podcasts (2025)

1
The David Fincher Episode! 1:50:41

1d ago1:50:41

1:50:41

Brothers Josh and Jack talk about one of their collectively favorite directors, David Fincher. If you like creepy, perverted, masterfully crafted, thrilling, beautifully shot movies, then this is the episode for you. David Fincher is one of our greatest living American filmmakers and we celebrate him in this episode. Our lists range from his impres…

1
Appsec News & Interviews from RSAC on Identity and AI - Rami Saas, Charlotte Wylie - ASW #331 1:01:48

1d ago1:01:48

1:01:48

In the news, Coinbase deals with bribes and insider threat, the NCSC notes the cross-cutting problem of incentivizing secure design, we cover some research that notes the multitude of definitions for secure design, and discuss the new Cybersecurity Skills Framework from the OpenSSF and Linux Foundation. Then we share two more sponsored interviews f…

1
246 - Keep Going Back To God with Jack Landry 1:07:37

2d ago1:07:37

1:07:37

No matter what our origin, we all struggle to follow the will of God. Our pride gets in the way, blocking our ability to both hear and follow His plan. The little things we do set the stage for our success in every aspect of life. The little habits and routines we do are essential. Join me in this episode for a great discussion with my guest Jack L…

1
The State of Cybersecurity Readiness for the Next Big Emergency - David Aviv, Bri Frost, Marshall Erwin - ESW #407 2:12:42

2d ago2:12:42

2:12:42

Segment 1: Fastly Interview In this week's interview segment, we talk to Marshall Erwin about the state of cybersecurity, particularly when it comes to third party risk management, and whether we're ready for the next big SolarWinds or Crowdstrike incident. These big incidents have inspired executive orders, the Secure by Design initiative, and eve…

1
Steganography, RICO, CMMC, End of 10, AI is coming for you, Aaran Leyland and More... - SWN #477 33:54

4d ago33:54

33:54

Steganography, RICO, CMMC, End of 10, AI is coming for you, Aaran Leyland and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-477

1
Steganography, RICO, CMMC, End of 10, AI is coming for you, Aaran Leyland and More... - SWN #477 33:54

3d ago33:54

33:54

Steganography, RICO, CMMC, End of 10, AI is coming for you, Aaran Leyland and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-477

1
Ransomware in your CPU - PSW #874 1:58:19

4d ago1:58:19

1:58:19

This week in the security news: Android catches up to iOS with its own lockdown mode Just in case, there is a new CVE foundation Branch privilege injection attacks My screen is vulnerable The return of embedded devices to take over the world - 15 years later Attackers are going after MagicINFO Hacking Starlink Mitel SIP phones can be hacked Reversi…

1
Ransomware in your CPU - PSW #874 1:58:19

5d ago1:58:19

1:58:19

This week in the security news: Android catches up to iOS with its own lockdown mode Just in case, there is a new CVE foundation Branch privilege injection attacks My screen is vulnerable The return of embedded devices to take over the world - 15 years later Attackers are going after MagicINFO Hacking Starlink Mitel SIP phones can be hacked Reversi…

1
CISO Communication and Hiring, as they Combat Threat and Penetration Testing Trends - Derek Manky, Gunter Ollmann - BSW #395 1:06:28

7d ago1:06:28

1:06:28

In the leadership and communications section, How CISOs can talk cybersecurity so it makes sense to executives, Firms to spend more on GenAI than security in 2025, Europe leads shift from cyber security ‘headcount gap’ to skills-based hiring, and more! Next, pre-recorded interviews from RSAC Conference 2025, including: This segment is sponsored by …

1
CISO Communication and Hiring, as they Combat Threat and Penetration Testing Trends - Gunter Ollmann, Derek Manky - BSW #395 1:06:28

7d ago1:06:28

1:06:28

In the leadership and communications section, How CISOs can talk cybersecurity so it makes sense to executives, Firms to spend more on GenAI than security in 2025, Europe leads shift from cyber security ‘headcount gap’ to skills-based hiring, and more! Next, pre-recorded interviews from RSAC Conference 2025, including: This segment is sponsored by …

1
Deepfake, South Korea, Moonlander, ChineseAI, FBI, AI damages professional reputation - SWN #476 29:03

6d ago29:03

29:03

Deepfake porn, South Korea, Operation Moonlander, Chinese AI, FBI, AI use damages professional reputation, Joshua Marpet and More Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-476

1
Deepfake, South Korea, Moonlander, ChineseAI, FBI, AI damages professional reputation - SWN #476 29:03

7d ago29:03

29:03

Deepfake porn, South Korea, Operation Moonlander, Chinese AI, FBI, AI use damages professional reputation, Joshua Marpet and More Show Notes: https://securityweekly.com/swn-476

1
2024 in Review! 1:40:49

8d ago1:40:49

1:40:49

In this episode, brothers Josh and Jack discuss the movie year that was 2024. We talk about the (at the time of recording) upcoming Oscars, our favorite performances, our favorite scenes, our favorite action sequences. And of course, we give our favorite films of 2024. What are your thoughts on that year in film? Music credit: Happy and Fun Kids Ja…

1
Secure Code Reviews, LLM Coding Assistants, and Trusting Code - Rey Bango, Karim Toubba, Gal Elbaz - ASW #330 1:09:38

8d ago1:09:38

1:09:38

Developers are relying on LLMs as coding assistants, so where are the LLM assistants for appsec? The principles behind secure code reviews don't really change based on who write the code, whether human or AI. But more code means more reasons for appsec to scale its practices and figure out how to establish trust in code, packages, and designs. Rey …

1
Secure Code Reviews, LLM Coding Assistants, and Trusting Code - Rey Bango, Karim Toubba, Gal Elbaz - ASW #330 1:09:38

8d ago1:09:38

1:09:38

Developers are relying on LLMs as coding assistants, so where are the LLM assistants for appsec? The principles behind secure code reviews don't really change based on who write the code, whether human or AI. But more code means more reasons for appsec to scale its practices and figure out how to establish trust in code, packages, and designs. Rey …

1
245 - Authentic Masculinity with Josh Tomeoni 1:07:12

9d ago1:07:12

1:07:12

Have you ever noticed that sometimes what your wife says she wants isn't what she actually wants? While this is true for everyone, modern women are in a particular pinch about expressing what they want from a man. The truth is they simultaneously want a deep and powerful masculine presence from their man but are also scared of that masculinity. Thi…

1
Secrets and their role in infrastructure security - Jawahar Sivasankaran, Chas Clawson, Sergey Gorbaty, Fernando Medrano - ESW #406 2:14:05

9d ago2:14:05

2:14:05

Segment 1 - Secrets and their role in infrastructure security From API keys and tokens to environment variables and credentials, secrets are foundational—and often overlooked—attack surfaces in cloud-native and distributed systems. We break down the risks tied to poor secret hygiene, discuss emerging patterns for secure secret management at scale, …

1
Secrets and their role in infrastructure security - Jawahar Sivasankaran, Chas Clawson, Sergey Gorbaty, Fernando Medrano - ESW #406 2:14:05

9d ago2:14:05

2:14:05

Segment 1 - Secrets and their role in infrastructure security From API keys and tokens to environment variables and credentials, secrets are foundational—and often overlooked—attack surfaces in cloud-native and distributed systems. We break down the risks tied to poor secret hygiene, discuss emerging patterns for secure secret management at scale, …

1
Sudo watch, AI Dreams, Kickidler, Powershool, Old Man Router, PSMU, Aaran Leyland... - SWN #475 33:52

11d ago33:52

33:52

Sudo watch this show, Hallucinations, Kickidler, Powershool redux, Old Man Router, PSMU, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-475

1
Sudo watch, AI Dreams, Kickidler, Powershool, Old Man Router, PSMU, Aaran Leyland... - SWN #475 33:52

10d ago33:52

33:52

Sudo watch this show, Hallucinations, Kickidler, Powershool redux, Old Man Router, PSMU, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-475

1
Are You Down With RDP? - PSW #873 2:04:49

12d ago2:04:49

2:04:49

Security news for this week: RDP and credentials that are not really revoked, and some RDP bitmap caching fun Some magic info on MagicINFO Vulnerability Management Zombies There is a backdoor in your e-commerce Airborne: vulnerabilities in AirPlay Bring your own installer - crafty EDR bypass The Signal clone used by US government officials: shocker…

1
Are You Down With RDP? - PSW #873 2:04:49

11d ago2:04:49

2:04:49

Security news for this week: RDP and credentials that are not really revoked, and some RDP bitmap caching fun Some magic info on MagicINFO Vulnerability Management Zombies There is a backdoor in your e-commerce Airborne: vulnerabilities in AirPlay Bring your own installer - crafty EDR bypass The Signal clone used by US government officials: shocker…

1
First Episode! 1:36:52

14d ago1:36:52

1:36:52

Hey everyone and welcome to The Longlist. This is our inaugural episode and our goal this first one is for you to get to know your hosts, brothers Josh and Jack, a little bit more. We give some take on the Oscars (at the time of recording) and have some more personally oriented top fives for you leading up to our rankings of the films in our respec…

1
C-Suite Gaps, Cybersecurity is not Working to Solve Exposures and Supply Chain Risks - Dr. Aleksandr Yampolskiy, Lenny Zeltser - BSW #394 1:04:40

14d ago1:04:40

1:04:40

In the leadership and communications section, The C-suite gap that's putting your company at risk, CISOs band together to urge world governments to harmonize cyber rules, Cybersecurity is Not Working: Time to Try Something Else, and more! Organizations are increasingly threatened by cyberattacks originating from their suppliers. Existing tools (lik…

1
C-Suite Gaps, Cybersecurity is not Working to Solve Exposures and Supply Chain Risks - Lenny Zeltser, Dr. Aleksandr Yampolskiy - BSW #394 1:04:40

14d ago1:04:40

1:04:40

In the leadership and communications section, The C-suite gap that's putting your company at risk, CISOs band together to urge world governments to harmonize cyber rules, Cybersecurity is Not Working: Time to Try Something Else, and more! Organizations are increasingly threatened by cyberattacks originating from their suppliers. Existing tools (lik…

1
Deepfake Porn Bots, Skype, dd, Venom Spider, CISA, IT Helpdesk, Rob Allen... - Rob Allen - SWN #474 36:47

13d ago36:47

36:47

Deepfake Porn Bots, Skype, dd, Venom Spider, CISA, IT Helpdesk, Rob Allen, and more on the Security Weekly News. Segment Resources: https://cybersecuritynews.com/cyber-security-company-ceo-arrested/ This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly…

1
Deepfake Porn Bots, Skype, dd, Venom Spider, CISA, IT Helpdesk, Rob Allen... - Rob Allen - SWN #474 36:47

15d ago36:47

36:47

Deepfake Porn Bots, Skype, dd, Venom Spider, CISA, IT Helpdesk, Rob Allen, and more on the Security Weekly News. Segment Resources: https://cybersecuritynews.com/cyber-security-company-ceo-arrested/ This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! Show Notes: https://securityweek…

1
AI Era, New Risks: How Data-Centric Security Reduces Emerging AppSec Threats - Vishal Gupta, Idan Plotnik - ASW #329 1:03:03

15d ago1:03:03

1:03:03

We catch up on news after a week of BSidesSF and RSAC Conference. Unsurprisingly, AI in all its flavors, from agentic to gen, was inescapable. But perhaps more surprising (and more unfortunate) is how much the adoption of LLMs has increased the attack surface within orgs. The news is heavy on security issues from MCPs and a novel alignment bypass a…

1
AI Era, New Risks: How Data-Centric Security Reduces Emerging AppSec Threats - Idan Plotnik, Vishal Gupta - ASW #329 1:03:03

15d ago1:03:03

1:03:03

We catch up on news after a week of BSidesSF and RSAC Conference. Unsurprisingly, AI in all its flavors, from agentic to gen, was inescapable. But perhaps more surprising (and more unfortunate) is how much the adoption of LLMs has increased the attack surface within orgs. The news is heavy on security issues from MCPs and a novel alignment bypass a…

1
2025 Security Trends: Identity, Endpoint, Cloud & the Rise of Browser Threats - Jason Mical, Lori Robinson, Hed Kovetz, Rob Allen, Vivek Ramachandran, Alex Pinto - ESW #405 1:42:43

16d ago1:42:43

1:42:43

Now in its 18th year, the Verizon Business DBIR is one of the industry’s longest standing and leading reports on the current cybersecurity landscape. This year’s report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and ex…

1
2025 Security Trends: Identity, Endpoint, Cloud & the Rise of Browser Threats - Hed Kovetz, Vivek Ramachandran, Rob Allen, Jason Mical, Alex Pinto, Lori Robinson - ESW #405 1:42:44

17d ago1:42:44

1:42:44

Now in its 18th year, the Verizon Business DBIR is one of the industry’s longest standing and leading reports on the current cybersecurity landscape. This year’s report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and ex…

1
Security Weekly News Interviews Leaders of NECCDC competition - SWN #473 32:02

19d ago32:02

32:02

Join us for a special in-person edition of the Security Weekly News! Show Notes: https://securityweekly.com/swn-473

1
Security Weekly News Interviews Leaders of NECCDC competition - SWN #473 32:02

17d ago32:02

32:02

Join us for a special in-person edition of the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-473

1
AI Tips, Tricks, and Traps! - PSW #872 1:37:21

20d ago1:37:21

1:37:21

The PSW crew discusses tips, tricks, and traps for using AI and LLMs. We discuss a wide range of AI-related topics, including how to utilize AI tools for writing, coding, data analysis, website design, and more! Some key takeaways include: AI has rapidly shifted from novelty to an essential tool in security and other fields. Paid AI versions offer …

1
AI Tips, Tricks, and Traps! - PSW #872 1:37:21

18d ago1:37:21

1:37:21

The PSW crew discusses tips, tricks, and traps for using AI and LLMs. We discuss a wide range of AI-related topics, including how to utilize AI tools for writing, coding, data analysis, website design, and more! Some key takeaways include: AI has rapidly shifted from novelty to an essential tool in security and other fields. Paid AI versions offer …

1
Say Easy, Do Hard - Defining Objectives and Key Results Aligned to Business Goals - BSW #393 49:58

20d ago49:58

49:58

In today’s ever-evolving business landscape, organizations face diverse risks, including cyber risks, that can significantly affect their operations and overall prosperity. Aligning risk management strategies with organizational objectives is crucial for effectively mitigating these potential threats and fostering sustainable growth. Easier said th…

1
Say Easy, Do Hard - Defining Objectives and Key Results Aligned to Business Goals - BSW #393 49:58

21d ago49:58

49:58

In today’s ever-evolving business landscape, organizations face diverse risks, including cyber risks, that can significantly affect their operations and overall prosperity. Aligning risk management strategies with organizational objectives is crucial for effectively mitigating these potential threats and fostering sustainable growth. Easier said th…

1
Security Weekly News Interviews Participants and Coaches at NECCDC - SWN #472 33:34

21d ago33:34

33:34

Join us for a special in-person edition of the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-472

1
Security Weekly News Interviews Participants and Coaches at NECCDC - SWN #472 33:34

22d ago33:34

33:34

Join us for a special in-person edition of the Security Weekly News! Show Notes: https://securityweekly.com/swn-472

1
Secure Designs, UX Dragons, Vuln Dungeons - Jack Cable - ASW #328 44:08

22d ago44:08

44:08

In this live recording from BSidesSF we explore the factors that influence a secure design, talk about how to avoid the bite of UX dragons, and why designs should put classes of vulns into dungeons. But we can't threat model a secure design forever and we can't oversimplify guidance for a design to be "more secure". Kalyani Pawar and Jack Cable joi…

1
Secure Designs, UX Dragons, Vuln Dungeons - Jack Cable - ASW #328 44:08

21d ago44:08

44:08

In this live recording from BSidesSF we explore the factors that influence a secure design, talk about how to avoid the bite of UX dragons, and why designs should put classes of vulns into dungeons. But we can't threat model a secure design forever and we can't oversimplify guidance for a design to be "more secure". Kalyani Pawar and Jack Cable joi…

1
The reason for Zoom's outage is crazy, huge funding amounts before RSA - ESW #404 40:37

23d ago40:37

40:37

In this week's enterprise security news, Lots of funding announcements as we approach RSA New products The M-Trends also rudely dropped their report the same day as Verizon Supply chain threats Windows Recall is making another attempt MCP server challenges Non-human identities A startup post mortem Remember that Zoom outage a week or two ago? The c…

1
The Future of Access Management - Jeff Shiner - ESW #404 39:05

23d ago39:05

39:05

As organizations embrace hybrid work, SaaS sprawl, and employee-owned devices, traditional Identity and Access Management (IAM) tools are failing to keep up. The rise of shadow IT, unmanaged applications, and evolving cyber threats have created an "Access-Trust Gap", a critical security challenge where IT lacks visibility and control over how emplo…

1
The Future of Access Management - Jeff Shiner - ESW #404 2:00:22

23d ago2:00:22

2:00:22

As organizations embrace hybrid work, SaaS sprawl, and employee-owned devices, traditional Identity and Access Management (IAM) tools are failing to keep up. The rise of shadow IT, unmanaged applications, and evolving cyber threats have created an "Access-Trust Gap", a critical security challenge where IT lacks visibility and control over how emplo…

1
Reviewing the Verizon 2025 Data Breach Investigations Report - ESW #404 40:42

23d ago40:42

40:42

In this topic segment, we discuss the most interesting insights from the 2025 edition of Verizon's DBIR. You can grab your own copy of the report at https://verizon.com/dbir Show Notes: https://securityweekly.com/esw-404

1
Beating the AI Game, Ripple, Numerology, Darcula, Special Guests from Hidden Layer... - Malcolm Harkins, Kasimir Schulz - SWN #471 34:02

26d ago34:02

34:02

Beating the AI Game, Ripple (not that one), Numerology, Darcula, Special Guests, and More, on this edition of the Security Weekly News. Special Guests from Hidden Layer to talk about this article: https://www.forbes.com/sites/tonybradley/2025/04/24/one-prompt-can-bypass-every-major-llms-safeguards/ Show Notes: https://securityweekly.com/swn-471…

1
Beating the AI Game, Ripple, Numerology, Darcula, Special Guests from Hidden Layer... - Malcolm Harkins, Kasimir Schulz - SWN #471 34:02

26d ago34:02

34:02

Beating the AI Game, Ripple (not that one), Numerology, Darcula, Special Guests, and More, on this edition of the Security Weekly News. Special Guests from Hidden Layer to talk about this article: https://www.forbes.com/sites/tonybradley/2025/04/24/one-prompt-can-bypass-every-major-llms-safeguards/ Visit https://www.securityweekly.com/swn for all t…

1
Hacking Crosswalks and Attacking Boilers - PSW #871 2:04:15

27d ago2:04:15

2:04:15

The crosswalk is talking to me man!, don't block my website without due process, Florida is demanding encryption backdoors, attacking boilers and banning HackRF Ones, time to update your flipper zero, using AI to create working exploits, what happens when you combine an RP2350 and an ESP32? Hopefully good hackery things!, more evidence that patchin…

1
Hacking Crosswalks and Attacking Boilers - PSW #871 2:04:15

27d ago2:04:15

2:04:15

The crosswalk is talking to me man!, don't block my website without due process, Florida is demanding encryption backdoors, attacking boilers and banning HackRF Ones, time to update your flipper zero, using AI to create working exploits, what happens when you combine an RP2350 and an ESP32? Hopefully good hackery things!, more evidence that patchin…

1
ISO 42001 Certification, CIOs Struggle to Align Strategies, and CISOs Rethink Hiring - Martin Tschammer - BSW #392 1:03:55

28d ago1:03:55

1:03:55

AI Governance, the next frontier for AI Security. But what framework should you use? ISO/IEC 42001 is an international standard that specifies requirements for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS) within organizations. It is designed for entities providing or utilizin…

Podcasts Worth a Listen

Josh And Jack Muller Podcasts

Podcasts Worth a Listen

Quick Reference Guide