To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Got it!

Erik And Blade Podcasts

Erik and Blade public [search 0]
More
Download the App!
Get it on App Store Get it on Google Play
show episodes
 
Artwork

1
Security Weekly Podcast Network (Audio)

Security Weekly Productions

icon2k
icon3k
icon
Unsubscribe
 icon
icon
Unsubscribe
 icon Daily
 
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
  continue reading
 
Loading …
show series
 
Artwork

1
UEFI Vulnerabilities Galore - PSW #878 2:10:48

Play Pause
icon
2:10:48
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
2:10:48icon
 
This week: You got a Bad box, again Cameras are expose to the Internet EU and connected devices Hydrophobia NVRAM variables Have you heard about IGEL Linux? SSH and more NVRAM AI skeptics are nuts, and AI doesn't make you more efficient Trump Cybersecurity orders I think I can root my Pixel 6 Decentralized Wordpres plugin manager Threat actor namin…
  continue reading
 
Artwork

1
Security Money: The Index is Up, CISOs Need to Get Out, and Are You Burning Out? - BSW #399 56:27

Play Pause
icon
56:27
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
56:27icon
 
This week, it’s time for security money. The index is up, but the previous quarterly results were brutal. In the leadership and communications segment, Get out of the audit committee: Why CISOs need dedicated board time, Quietly Burning Out? What To Do When Your Leadership Starts Lacking, How to rethink leadership to energize disengaged employees, …
  continue reading
 
Artwork

1
Bringing CISA's Secure by Design Principles to OT Systems - Matthew Rogers - ASW #334 1:09:09

Play Pause
icon
1:09:09
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:09:09icon
 
CISA has been championing Secure by Design principles. Many of the principles are universal, like adopting MFA and having opinionated defaults that reduce the need for hardening guides. Matthew Rogers talks about how the approach to Secure by Design has to be tailored for Operational Technology (OT) systems. These systems have strict requirements o…
  continue reading
 
Artwork

1
The enterprise security news, more secure by removing credentials, & RSAC interviews - Marty Momdjian, Amit Saha, Dr. Tina Srivastava - ESW #410 1:38:02

Play Pause
icon
1:38:02
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:38:02icon
 
Segment 1 - Enterprise Security News, Live at IDV This week, in the enterprise security news, Acquisitions potential IPOs Terminator Salvation in real life First $1B one-employee business? Mikko puts in his notice Pitch Black in real life, and more! Segment 2 - Interview with Dr. Tina Srivastava The #1 cause of data breaches is stolen credentials. …
  continue reading
 
Artwork

1
Updating & Protecting Linux Systems - PSW #877 1:05:23

Play Pause
icon
1:05:23
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:05:23icon
 
Two parts to this episode: Tech Segment: Updating Linux Systems - Beyond apt-get upgrade * Custom scripts for ensuring your Linux systems are up-to-date * topgrade - tutorial for using topgrade to update Linux systems on various Linux distributions Discussion Topic: Anti-Malware and/or EDR on Linux Platforms * PCI calls for scanning Linux systems *…
  continue reading
 
Artwork

1
Regain Control of Business Risks, Your Leadership Habits, and Being Present - Alla Valente - BSW #398 1:18:17

Play Pause
icon
1:18:17
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:18:17icon
 
During times of volatility, business leaders often don’t know what they are able to change or even what they should change. At precisely these times, business leaders become risk leaders and need to quickly learn how to identify what is within their control and what isn’t — to not only survive but thrive. Alla Valente, Principal Analyst at Forreste…
  continue reading
 
Artwork

1
AIs, MCPs, and the Acutal Work that LLMs Are Generating - ASW #333 39:06

Play Pause
icon
39:06
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
39:06icon
 
The recent popularity of MCPs is surpassed only by the recent examples deficiencies of their secure design. The most obvious challenge is how MCPs, and many more general LLM use cases, have erased two decades of security principles behind separating code and data. We take a look at how developers are using LLMs to generate code and continue our sea…
  continue reading
 
Artwork

1
Building Cyber Resilience: AI Threats, Mid-Market Risks & Ransomware Trends - Karl Van den Bergh, Tony Anscombe, Eyal Benishti, Nick Carroll, Chad Alessi, Chris Peluso - ESW #409 1:38:33

Play Pause
icon
1:38:33
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:38:33icon
 
Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what’s keeping IT decision-makers awkward at night, and the best approach to creatin…
  continue reading
 
Artwork

1
It's A Trap! - PSW #876 2:02:39

Play Pause
icon
2:02:39
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
2:02:39icon
 
In the security news: Vicious Trap - The malware hiding in your router Hacking your car WSL is open-source, but why? Using AI to find vulnerabilities - a case study Why you should not build your own password manager The inside scoop behind Lumma Infostealer Hacking a smart grill Hardcoded credentials on end of life routers and "Alphanetworks" SIM s…
  continue reading
 
Artwork

1
Quantum Readiness & Zero Trust: Strategies to Strengthen Digital Resilience - Jordan Avnaim, Chris Hickman, Amit Sinha, Albert Estevez Polo - BSW #397 1:07:59

Play Pause
icon
1:07:59
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:07:59icon
 
This segment explores how automated microsegmentation addresses critical Zero Trust gaps overlooked by traditional access controls and legacy segmentation solutions. We'll examine the limitations of perimeter-based defenses in today's dynamic threat landscape and reveal how automated microsegmentation enhances network security beyond conventional f…
  continue reading
 
Artwork

1
AI in AppSec: Agentic Tools, Vibe Coding Risks & Securing Non-Human Identities - Mo Aboul-Magd, Shahar Man, Brian Fox, Mark Lambert - ASW #332 1:04:35

Play Pause
icon
1:04:35
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:04:35icon
 
ArmorCode unveils Anya—the first agentic AI virtual security champion designed specifically for AppSec and product security teams. Anya brings together conversation and context to help AppSec, developers and security teams cut through the noise, prioritize risks, and make faster, smarter decisions across code, cloud, and infrastructure. Built into …
  continue reading
 
Artwork

1
Reality check on SOC AI; Enterprise News; runZero and Imprivata RSAC interviews - Erik Bloch, HD Moore, Joel Burleson-Davis - ESW #408 1:49:38

Play Pause
icon
1:49:38
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:49:38icon
 
Segment 1: Erik Bloch Interview The math on SOC AI just isn't adding up. It's not easy to do the math, either, as each SOC automation vendor is tackling alert fatigue and SecOps assistants a bit differently. Fortunately for us and our audience, Erik Bloch met with many of these vendors at RSAC and is going to share what he learned with us! Segment …
  continue reading
 
Artwork

1
Malware Laced Printer Drivers - PSW #875 2:01:59

Play Pause
icon
2:01:59
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
2:01:59icon
 
This week in the security news: Malware-laced printer drivers Unicode steganography Rhode Island may sue Deloitte for breach. They may even win. Japan's active cyber defense law Stop with the ping LLMs replace Stack Overflow - ya don't say? Aggravated identity theft is aggravating Ivanti DSM and why you shouldn't use it EDR is still playing cat and…
  continue reading
 
Artwork

1
CISO Cheat Sheet, as Role Evolves and vCISO is Viable, Cobalt Strike and Resilience - Theresa Lanowitz, Rohit Dhamankar - BSW #396 1:17:08

Play Pause
icon
1:17:08
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:17:08icon
 
In the leadership and communications section, Why Every CISO Should Be Gunning For A Seat At The Board Table, The Innovation We Need is Strategic, Not Technical , The Best Leaders Ask the Right Questions, and more! This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrarsac to learn more about them! Fortra is successfully reduc…
  continue reading
 
Artwork

1
Appsec News & Interviews from RSAC on Identity and AI - Rami Saas, Charlotte Wylie - ASW #331 1:01:48

Play Pause
icon
1:01:48
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:01:48icon
 
In the news, Coinbase deals with bribes and insider threat, the NCSC notes the cross-cutting problem of incentivizing secure design, we cover some research that notes the multitude of definitions for secure design, and discuss the new Cybersecurity Skills Framework from the OpenSSF and Linux Foundation. Then we share two more sponsored interviews f…
  continue reading
 
Artwork

1
The State of Cybersecurity Readiness for the Next Big Emergency - David Aviv, Bri Frost, Marshall Erwin - ESW #407 2:12:42

Play Pause
icon
2:12:42
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
2:12:42icon
 
Segment 1: Fastly Interview In this week's interview segment, we talk to Marshall Erwin about the state of cybersecurity, particularly when it comes to third party risk management, and whether we're ready for the next big SolarWinds or Crowdstrike incident. These big incidents have inspired executive orders, the Secure by Design initiative, and eve…
  continue reading
 
Artwork

1
Ransomware in your CPU - PSW #874 1:58:19

Play Pause
icon
1:58:19
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:58:19icon
 
This week in the security news: Android catches up to iOS with its own lockdown mode Just in case, there is a new CVE foundation Branch privilege injection attacks My screen is vulnerable The return of embedded devices to take over the world - 15 years later Attackers are going after MagicINFO Hacking Starlink Mitel SIP phones can be hacked Reversi…
  continue reading
 
Artwork

1
CISO Communication and Hiring, as they Combat Threat and Penetration Testing Trends - Gunter Ollmann, Derek Manky - BSW #395 1:06:28

Play Pause
icon
1:06:28
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:06:28icon
 
In the leadership and communications section, How CISOs can talk cybersecurity so it makes sense to executives, Firms to spend more on GenAI than security in 2025, Europe leads shift from cyber security ‘headcount gap’ to skills-based hiring, and more! Next, pre-recorded interviews from RSAC Conference 2025, including: This segment is sponsored by …
  continue reading
 
Artwork

1
Secure Code Reviews, LLM Coding Assistants, and Trusting Code - Rey Bango, Karim Toubba, Gal Elbaz - ASW #330 1:09:38

Play Pause
icon
1:09:38
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:09:38icon
 
Developers are relying on LLMs as coding assistants, so where are the LLM assistants for appsec? The principles behind secure code reviews don't really change based on who write the code, whether human or AI. But more code means more reasons for appsec to scale its practices and figure out how to establish trust in code, packages, and designs. Rey …
  continue reading
 
Artwork

1
Secrets and their role in infrastructure security - Jawahar Sivasankaran, Chas Clawson, Sergey Gorbaty, Fernando Medrano - ESW #406 2:14:05

Play Pause
icon
2:14:05
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
2:14:05icon
 
Segment 1 - Secrets and their role in infrastructure security From API keys and tokens to environment variables and credentials, secrets are foundational—and often overlooked—attack surfaces in cloud-native and distributed systems. We break down the risks tied to poor secret hygiene, discuss emerging patterns for secure secret management at scale, …
  continue reading
 
Artwork

1
Sudo watch, AI Dreams, Kickidler, Powershool, Old Man Router, PSMU, Aaran Leyland... - SWN #475 33:52

Play Pause
icon
33:52
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
33:52icon
 
Sudo watch this show, Hallucinations, Kickidler, Powershool redux, Old Man Router, PSMU, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-475
  continue reading
 
Artwork

1
Are You Down With RDP? - PSW #873 2:04:49

Play Pause
icon
2:04:49
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
2:04:49icon
 
Security news for this week: RDP and credentials that are not really revoked, and some RDP bitmap caching fun Some magic info on MagicINFO Vulnerability Management Zombies There is a backdoor in your e-commerce Airborne: vulnerabilities in AirPlay Bring your own installer - crafty EDR bypass The Signal clone used by US government officials: shocker…
  continue reading
 
Artwork

1
C-Suite Gaps, Cybersecurity is not Working to Solve Exposures and Supply Chain Risks - Dr. Aleksandr Yampolskiy, Lenny Zeltser - BSW #394 1:04:40

Play Pause
icon
1:04:40
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:04:40icon
 
In the leadership and communications section, The C-suite gap that's putting your company at risk, CISOs band together to urge world governments to harmonize cyber rules, Cybersecurity is Not Working: Time to Try Something Else, and more! Organizations are increasingly threatened by cyberattacks originating from their suppliers. Existing tools (lik…
  continue reading
 
Artwork

1
Deepfake Porn Bots, Skype, dd, Venom Spider, CISA, IT Helpdesk, Rob Allen... - Rob Allen - SWN #474 36:47

Play Pause
icon
36:47
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
36:47icon
 
Deepfake Porn Bots, Skype, dd, Venom Spider, CISA, IT Helpdesk, Rob Allen, and more on the Security Weekly News. Segment Resources: https://cybersecuritynews.com/cyber-security-company-ceo-arrested/ This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! Visit https://www.securityweekly…
  continue reading
 
Artwork

1
AI Era, New Risks: How Data-Centric Security Reduces Emerging AppSec Threats - Vishal Gupta, Idan Plotnik - ASW #329 1:03:03

Play Pause
icon
1:03:03
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:03:03icon
 
We catch up on news after a week of BSidesSF and RSAC Conference. Unsurprisingly, AI in all its flavors, from agentic to gen, was inescapable. But perhaps more surprising (and more unfortunate) is how much the adoption of LLMs has increased the attack surface within orgs. The news is heavy on security issues from MCPs and a novel alignment bypass a…
  continue reading
 
Artwork

1
2025 Security Trends: Identity, Endpoint, Cloud & the Rise of Browser Threats - Jason Mical, Lori Robinson, Hed Kovetz, Rob Allen, Vivek Ramachandran, Alex Pinto - ESW #405 1:42:43

Play Pause
icon
1:42:43
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:42:43icon
 
Now in its 18th year, the Verizon Business DBIR is one of the industry’s longest standing and leading reports on the current cybersecurity landscape. This year’s report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and ex…
  continue reading
 
Artwork

1
AI Tips, Tricks, and Traps! - PSW #872 1:37:21

Play Pause
icon
1:37:21
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:37:21icon
 
The PSW crew discusses tips, tricks, and traps for using AI and LLMs. We discuss a wide range of AI-related topics, including how to utilize AI tools for writing, coding, data analysis, website design, and more! Some key takeaways include: AI has rapidly shifted from novelty to an essential tool in security and other fields. Paid AI versions offer …
  continue reading
 
Artwork

1
Say Easy, Do Hard - Defining Objectives and Key Results Aligned to Business Goals - BSW #393 49:58

Play Pause
icon
49:58
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
49:58icon
 
In today’s ever-evolving business landscape, organizations face diverse risks, including cyber risks, that can significantly affect their operations and overall prosperity. Aligning risk management strategies with organizational objectives is crucial for effectively mitigating these potential threats and fostering sustainable growth. Easier said th…
  continue reading
 
Artwork

1
Secure Designs, UX Dragons, Vuln Dungeons - Jack Cable - ASW #328 44:08

Play Pause
icon
44:08
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
44:08icon
 
In this live recording from BSidesSF we explore the factors that influence a secure design, talk about how to avoid the bite of UX dragons, and why designs should put classes of vulns into dungeons. But we can't threat model a secure design forever and we can't oversimplify guidance for a design to be "more secure". Kalyani Pawar and Jack Cable joi…
  continue reading
 
Artwork

1
The Future of Access Management - Jeff Shiner - ESW #404 2:00:22

Play Pause
icon
2:00:22
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
2:00:22icon
 
As organizations embrace hybrid work, SaaS sprawl, and employee-owned devices, traditional Identity and Access Management (IAM) tools are failing to keep up. The rise of shadow IT, unmanaged applications, and evolving cyber threats have created an "Access-Trust Gap", a critical security challenge where IT lacks visibility and control over how emplo…
  continue reading
 
Artwork

1
Beating the AI Game, Ripple, Numerology, Darcula, Special Guests from Hidden Layer... - Malcolm Harkins, Kasimir Schulz - SWN #471 34:02

Play Pause
icon
34:02
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
34:02icon
 
Beating the AI Game, Ripple (not that one), Numerology, Darcula, Special Guests, and More, on this edition of the Security Weekly News. Special Guests from Hidden Layer to talk about this article: https://www.forbes.com/sites/tonybradley/2025/04/24/one-prompt-can-bypass-every-major-llms-safeguards/ Visit https://www.securityweekly.com/swn for all t…
  continue reading
 
Artwork

1
Hacking Crosswalks and Attacking Boilers - PSW #871 2:04:15

Play Pause
icon
2:04:15
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
2:04:15icon
 
The crosswalk is talking to me man!, don't block my website without due process, Florida is demanding encryption backdoors, attacking boilers and banning HackRF Ones, time to update your flipper zero, using AI to create working exploits, what happens when you combine an RP2350 and an ESP32? Hopefully good hackery things!, more evidence that patchin…
  continue reading
 
Artwork

1
ISO 42001 Certification, CIOs Struggle to Align Strategies, and CISOs Rethink Hiring - Martin Tschammer - BSW #392 1:03:55

Play Pause
icon
1:03:55
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:03:55icon
 
AI Governance, the next frontier for AI Security. But what framework should you use? ISO/IEC 42001 is an international standard that specifies requirements for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS) within organizations. It is designed for entities providing or utilizin…
  continue reading
 
Artwork

1
Managing Secrets - Vlad Matsiiako - ASW #327 1:03:03

Play Pause
icon
1:03:03
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
1:03:03icon
 
Secrets end up everywhere, from dev systems to CI/CD pipelines to services, certificates, and cloud environments. Vlad Matsiiako shares some of the tactics that make managing secrets more secure as we discuss the distinctions between secure architectures, good policies, and developer friendly tools. We've thankfully moved on from forced 90-day user…
  continue reading
 
Artwork

1
The past, present, and future of enterprise AI - Matthew Toussain, Pravi Devineni - ESW #403 2:11:51

Play Pause
icon
2:11:51
Play Pause
icon
  Play later
  Play later
  Lists
  Liked
2:11:51icon
 
In this interview, we're excited to speak with Pravi Devineni, who was into AI before it was insane. Pravi has a PhD in AI and remembers the days when machine learning (ML) and AI were synonymous. This is where we'll start our conversation: trying to get some perspective around how generative AI has changed the overall landscape of AI in the enterp…
  continue reading
 
Loading …

Quick Reference Guide

Top Podcasts
The Bill Simmons Podcast
PTI
First Take
Marketplace
Comedy of the Week
The Bugle
How Did This Get Made?
Doug Loves Movies
Planet Money
TED Talks Daily
NBC Nightly News with Tom Llamas
The World This Hour
Daily Boost Motivation and Coaching
Radiolab
Science Friday
This American Life
Criminal
Sword and Scale
In The Dark
Player FM logo
Help/FAQ | Upgrade | Advertise
Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion
Science|Soccer|Sports|Storytelling|Technology|True Crime
Copyright 2025 | Privacy Policy | Terms of Service | | Copyright
Episode being played series thumbnail
icon icon
Speed
Series settings
1x
1x
Volume
100%
icon
icon icon
/

View Player FM in...
Player FM
Browser
Chrome
Safari
Firefox
Listen to this show while you explore
Play