
Content provided by SquareX. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by SquareX or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

When Past Security Doesn't Predict Future Threats | Yu Long (Tyler) Tang, Director, softScheck APAC

54:08
 

In this episode of the Be Fearless Podcast, Yu Long (Tyler) Tang, Director of Enterprise Information Security Strategy at softScheck APAC, joins us to share his journey from martial arts to cybersecurity and how the protection mindset carried over.
A highly qualified speaker and Secretary and Certified Mentor with the ISC2 Singapore Chapter, Yu Long (Tyler) covers browser security, his work as a volunteer and mentor, and why past security performance can't predict future threats.
0:00 Yu Long (Tyler)'s journey from martial arts to cybersecurity
7:22 Yu Long (Tyler)'s work in security by design
21:49 The browser as an overlooked attack surface
28:31 The zero-day prediction problem
36:01 How granularity of security controls depends on different factors
39:51 Making security relevant to business stakeholders
48:17 Critical qualities for cybersecurity career growth
🔔 Follow Yu Long (Tyler) and Aleksandra on:
https://www.linkedin.com/in/yulongtang/
https://www.linkedin.com/in/aleksandra-melnikova-1012/

🔥 Powered by SquareX
SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://sqrx.com/


Chapters

1. Yu Long (Tyler)'s journey from martial arts to cybersecurity (00:00:00)

2. Yu Long (Tyler)'s work in security by design (00:07:22)

3. The browser as an overlooked attack surface (00:21:49)

4. The zero-day prediction problem (00:28:31)

5. How granularity of security controls depends on different factors (00:36:01)

6. Making security relevant to business stakeholders (00:39:51)

7. Critical qualities for cybersecurity career growth (00:48:17)

46 episodes


All episodes

 
In this episode, SquareX Field CISO John Carse sits down with Jayesh, founder of Cloud Village and CEO of Cloudurance Security, to explore the growing threat of browser-based attacks in cloud environments. Jayesh shares practical insights on product security, the importance of "enrollment conversations" with stakeholders, and why browsers have become the primary attack surface for modern threats. 0:00 Introduction to Jayesh and Cloud Village 14:12 Ensuring that security doesn’t become an afterthought in development 29:30 How security leaders can influence cloud adoption decisions 38:13 Approaching browser-based attack surfaces in organizations 55:06 Challenges of implementing auto remediation in the cloud 1:06:03 The impact of AI/ML on cloud security 1:17:57 Closing and what to expect at Cloud Village at RSA 🔔 Follow Jayesh and John on: https://www.linkedin.com/in/jayeshsch/ https://www.linkedin.com/in/johncarse/ 🔥 Powered by SquareX SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://sqrx.com/…
 
Join us as we welcome Sid Trivedi (Partner at Foundation Capital) and Ross Haleliuk (Founder of a Stealth Security Startup and Author of Cyber for Builders), co-hosts of the "Inside the Network" podcast! In this conversation, they share investor and operator perspectives on cybersecurity trends and its evolution from technical obscurity to mainstream concern. Sid and Ross also explore how major incidents have changed public perception, why browsers are becoming critical battlegrounds, and what separates lasting innovation from opportunistic ventures in the security landscape. 0:00 About Sid and Ross 4:07 How cybersecurity awareness has evolved over 5 years 8:42 What the Wiz acquisition means for startups and investment 12:45 Navigating the crowded cybersecurity landscape 20:50 Sid’s experience investing in deception security and the importance of pivoting 29:01 How attackers drive market forces 33:23 The difficulty of changing stakeholder behavior 42:45 How the security mindset helps your personal life 54:13 Overlooked opportunities in the cybersecurity market 57:33 Closing: building security culture through storytelling 🔔 Follow Sid, Ross and Aleksandra on: https://www.linkedin.com/in/siddhanttrivedi/ https://www.linkedin.com/in/rosshaleliuk/ https://www.linkedin.com/in/aleksandra-melnikova-1012/ 🔥 Powered by SquareX SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://sqrx.com/…
 
Jeff Moss, founder of the famed DEF CON and Black Hat conferences, joins Vivek Ramachandran for another episode of the Be Fearless Podcast. Jeff reveals how DEF CON’s new one-roof strategy at the Las Vegas Convention Center has transformed the conference experience, while preserving its unique hacker culture that has endured for decades. He explains why browsers have become the prime battleground for attackers - with everyone using browsers, it's a numbers game where “somebody somewhere is going to click on something.” The conversation covers everything from mesh networks connecting the hacker community year-round to the emerging threat of browser-native ransomware that targets cloud storage through identity theft. Jeff also dives into the privacy renaissance driving people toward distributed platforms like Mastodon, where monetization and algorithmic amplification take a backseat to community-driven content. 0:00 DEF CON's emergency venue move and its unexpected benefits 8:20 Preserving hacker culture as DEF CON has grown 22:39 This year's DEF CON physical badge and mesh network initiatives 26:42 How 500+ volunteer "goons" make DEF CON happen 38:30 Browser security as the new attack frontier 48:50 AI agents, Browser-Native Ransomware and Deepfakes 1:00:09 On peer-to-peer communication and decentralized alternatives 1:06:51 Angel investing in cybersecurity startups 🔔 Follow Jeff and Vivek on: https://www.linkedin.com/in/jeffmoss/ https://www.linkedin.com/in/vivekramachandran/ 🔥 Powered by SquareX SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://sqrx.com/…
 
In this episode of the Be Fearless Podcast, Yu Long (Tyler) Tang, Director of Enterprise Information Security Strategy at softScheck APAC, joins us to share his journey from martial arts to cybersecurity and how the protection mindset carried over. A highly qualified speaker and Secretary and Certified Mentor with the ISC2 Singapore Chapter, Yu Long (Tyler) covers browser security, his work as a volunteer and mentor, and why past security performance can't predict future threats. 0:00 Yu Long (Tyler)'s journey from martial arts to cybersecurity 7:22 Yu Long (Tyler)'s work in security by design 21:49 The browser as an overlooked attack surface 28:31 The zero-day prediction problem 36:01 How granularity of security controls depends on different factors 39:51 Making security relevant to business stakeholders 48:17 Critical qualities for cybersecurity career growth 🔔 Follow Yu Long (Tyler) and Aleksandra on: https://www.linkedin.com/in/yulongtang/ https://www.linkedin.com/in/aleksandra-melnikova-1012/ 🔥 Powered by SquareX SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://sqrx.com/…
 
Ever wondered how professional hackers think? SquareX Field CISO John Carse sits down with Abhijith B R, Founder/Head of security consulting at BreachSimRange, and Adversary Village at DEF CON, who also has a wealth of ethical hacking experience. In this episode, Abhijith pulls back the curtain on the hacker mindset, shares his war stories from previous engagements, thoughts on browser security and why basic security hygiene still matters more than fancy products. This conversation is packed with practical advice for strengthening your security posture by thinking like the attackers who are targeting your organization. 0:00 Introduction and how attacker techniques have evolved 9:12 How attackers target enterprises today 14:15 War stories from security assessments 18:40 Abhijith's cybersecurity journey and founding Adversary Village 25:10 Abhijith’s conference experience and how Red Teaming is like martial arts school 32:17 Red team vs. purple team approaches 39:37 Browser security challenges and attack vectors 47:12 Top recommendations for browser security 57:34 Collaborative approaches to purple teaming 1:04:02 Closing: Advice for new security professionals at DEF CON 🔔 Follow Abhijith and John on: https://www.linkedin.com/in/abhijith-b-r https://www.linkedin.com/in/johncarse/ 🔥 Powered by SquareX SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://sqrx.com/…
 
In this episode, SquareX field CISO John Carse speaks with Mike Cunningham, R&D Program Manager at MITRE's Center for Threat-Informed Defense. Mike brings his unique background from the Navy and NSA to discuss how organizations can better defend against cyber threats by understanding adversary behaviors, browser security challenges and more. If you ever wanted to know more about MITRE, its ATT&CK framework and the good work they do — this is an episode you won’t want to miss. 0:00 Introduction and Mike's cybersecurity journey 5:33 The MITRE ATT&CK framework and threat-informed defense 15:01 On the threatscape, social engineering vs. infrastructure vulnerabilities 20:49 Browser (extensions) and SaaS app security challenges 27:36 On patch management and security trends 34:53 Common mistakes in organizational security approaches 38:24 The Center for Threat-Informed Defense’s research on AI 42:09 Closing remarks and what people don't know about MITRE 🔔 Follow Mike and John on: https://www.linkedin.com/in/mticunningham/ https://www.linkedin.com/in/johncarse/ 🔥 Powered by SquareX SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://sqrx.com/…
 
In this International Women's Day special episode, Evelyn Lam, CISO of Trust Wallet, shares her journey from traditional banking at Morgan Stanley to the cutting edge of Web3 security. She breaks down the fundamental differences between Web2 and Web3, explaining why security is even more critical in a decentralized environment where users control their own assets without centralized oversight. Evelyn discusses the Bybit hack, the transformative role of AI in blockchain security, and offers practical advice for staying safe in the crypto world. She also shares insights on how the unique meritocracy of Web3 can create opportunities for women in cybersecurity. 0:00 An overview of Web3 and Eve’s transition to crypto security 7:12 Trust Wallet’s approach to security 9:42 Industry lessons from the Bybit hack 14:14 How AI is being leveraged for Web3 security 16:49 Critical security threats in Web3 21:24 Balancing security with user experience 23:51 How users can protect themselves 25:56 How Eve’s IAM experience from traditional banking applies to Web3 28:44 Eve’s mentorship work in cybersecurity 33:00 Closing thoughts and using AI the right way 🔔 Follow Eve and Aleksandra on: https://www.linkedin.com/in/evelam/ https://www.linkedin.com/in/aleksandra-melnikova-1012/ 🔥 Powered by SquareX SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://sqrx.com/…
 
Ever wondered what it really takes to lead security at a crypto company? In this episode, we sit down with Pasi Koistinen, CISO at Coinhako, who's spent more than two decades in the cybersecurity trenches. Pasi gets real about why being technically brilliant isn't enough anymore - you've got to speak the language of business to succeed as a CISO. He also shares insights on browser security blind spots, why crypto companies face unique threats, and what he looks for when hiring security talent. If you're struggling to communicate security risks to executives or trying to figure out your next career move in security, Pasi's practical advice might be exactly what you need. 0:00 Introduction and being a business-minded security leader 7:22 Prioritizing as a CISO 10:05 The story behind Pasi’s book — "Smiling Security" 15:47 Learning from security incidents in crypto 20:31 Web3 security and protecting your funds 26:42 Browser security and emerging out-of-band attacks 38:31 Bybit hack and other supply chain attacks 41:12 Closing: Advice for aspiring professionals and CISOs 🔔 Follow Pasi and Aleksandra on: https://www.linkedin.com/in/pasikoistinen/ https://www.linkedin.com/in/aleksandra-melnikova-1012/ 🔥 Powered by SquareX SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://sqrx.com/…
 
This special International Women's Day episode features Elcin Biren, security leader, Founder and CEO of SwissCyberSmart. With nearly two decades of cybersecurity experience spanning roles from ethical hacker to CISO, Elcin shares her journey and mission to protect families online. Elcin discusses her groundbreaking work with the world's first cybersecurity parents’ bootcamp, her perspective on browser-based attacks, and how she's applying her knowledge of neuroscience to combat social engineering. She also addresses the challenges women face in cybersecurity and offers practical advice for creating a more diverse and effective industry. 0:00 Introduction to Elcin and her cybersecurity journey 6:31 Founding Swiss CyberSmart: CSO services and cybersecurity e-learning 9:52 Creating the world's first cybersecurity parents bootcamp 14:19 Being recognized as a 40 under 40 leader and challenges for women in the industry 16:56 What needs to change in cybersecurity 21:32 Evolution of browser-based attacks 23:42 Neuroscience and the psychology of social engineering attacks 27:24 Best practices for securing AI systems and mitigating risks 30:05 Managing cybersecurity crisis situations and the importance of cyber resilience 33:02 Elcin’s advice to her younger self 34:32 Closing thoughts: three essential leadership traits for cybersecurity leaders 🔔 Follow Elcin and Aleksandra on: https://www.linkedin.com/in/elcinbiren https://www.linkedin.com/in/aleksandra-melnikova-1012/ 🔥 Powered by SquareX SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://sqrx.com/…
 
Ever wondered what it takes to reach the top tier of cybersecurity leadership? In this candid conversation, Darren Argyle shares his remarkable path from being a bar manager in the UK to becoming a recognized global CISO and cybersecurity educator. You’ll learn Darren’s 5 principles for reaching a $1M cybersecurity salary, why browser security has become a critical concern for enterprises, and why taking bold risks—like Darren's move from the UK to Australia—can transform both your life. 0:00 Darren's unique career journey from bar owner to cybersecurity 8:18 Five principles to reach a $1M cybersecurity salary 14:55 Authenticity and community in building a personal brand 21:11 Why mentorship is critical for career growth in cybersecurity 25:59 On navigating regulatory demands 29:39 Browser security challenges in financial services 36:39 The AI paradox in cybersecurity 40:50 Darren’s defining career moment: making the risky move to Australia 🔔 Follow Darren and Aleksandra on: https://www.linkedin.com/in/darrenargyle/ https://www.linkedin.com/in/aleksandra-melnikova-1012/ 🔥 Powered by SquareX SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://sqrx.com/…
 
“You don't have to wait for permission. You don't have to wait for someone to see you, recognize you or whatever. I firmly believe that the world is your oyster.” Join us for an insightful and inspiring conversation with Jane Frankland MBE, a globally recognized cybersecurity leader and author of "INSecurity." In this episode of the Be Fearless Podcast, you’ll hear about Jane’s journey from textile design to cybersecurity, and learn about the importance of diversity in strengthening enterprise security. Jane also shares invaluable insights on current threats, including browser-based attacks, identity security, and the evolving landscape of enterprise cybersecurity. 0:00 Jane’s unconventional journey from textile design to cybersecurity 5:42 Why cybersecurity isn't boring 7:04 On Jane’s work as a cybersecurity influencer 14:42 INSecurity: Jane’s book on why companies need to attract and retain women 18:17 “Men are the problem, and the answer as well” 22:31 Career advice for women entering the field 30:02 Predictions for 2025: Insider threats and shadow AI 35:47 Browser security and modern attack vectors 43:20 Closing thoughts and Jane's greatest achievement 🔔 Follow Jane and Aleksandra on: https://www.linkedin.com/in/janefrankland/ https://www.linkedin.com/in/aleksandra-melnikova-1012/ 🔥 Powered by SquareX SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://sqrx.com/…
 
As the founder of Software Analyst Cyber Research (SACR), Francis Odum has built a name for himself in cybersecurity research, cutting through the noise with in-depth analyses that resonate across the industry. In this episode with Aleksandra, he breaks down what makes security research impactful, why browser security is becoming an urgent priority for enterprises, and how AI is reshaping security policies and challenges CISOs are facing. 0:00 How Francis got started in cybersecurity and founding SACR 5:13 Francis on his research going viral 10:25 How AI can help (and harm enterprises) 12:46 Mitigating threats with browser-native security 13:54 How heads of security can protect their data 19:15 How browser-native security can complement SASE/SSE solutions 21:52 CISO’s pain points and problems that security vendors can solve 27:16 Closing thoughts: the importance of being curious and loving what you do 🔔 Follow Francis and Aleksandra on: https://www.linkedin.com/in/francis-odum-0a8673100/ https://www.linkedin.com/in/aleksandra-melnikova-1012/ 🔥 Powered by SquareX SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://sqrx.com/…
 
Get ready for an eye-opening conversation with John Carse, cybersecurity veteran and CISO! Hosted by SquareX Founder and CEO Vivek Ramachandran, this episode takes us through defender-centric topics like the risk of shadow IT, the evolution of the browser as an attack surface and preparing enterprises for the next wave of sophisticated cyber threats. 0:00 How John got into cybersecurity and forensics 7:49 How small mistakes can lead to business losses 9:43 Structuring a security team and programme 15:59 Security awareness in large companies and hybrid working environments 19:41 How shadow SaaS and shadow IT pose a risk to enterprises 30:13 How browsers — and their attack surface — have evolved 48:11 Why aspiring CISOs must understand their business 52:13 Closing thoughts: how the gift of a computer changed John’s and Vivek’s life trajectories 🔔 Follow John and Vivek on: https://www.linkedin.com/in/johncarse/ https://www.linkedin.com/in/vivekramachandran/ 🔥 Powered by SquareX SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://sqrx.com/…
 
In this episode of The Be Fearless Podcast, SquareX founder Vivek Ramachandran sits with cybersecurity legend Jeremiah Grossman — one of the “OGs” of cyber, founder of WhiteHat Security, and now MD at Grossman Ventures. Jeremiah shares his wealth of knowledge and takes us through his security journey, sharing how he went from breaking into Yahoo Mail (and getting a free t-shirt for it) to building some of the most influential cybersecurity companies in the industry. 0:00 Jeremiah’s early days in cybersecurity and hacking Yahoo 4:59 Founding WhiteHat Security and creating a common AppSec lexicon 9:20 How Jeremiah got started presenting in conferences 12:11 How the hacking scene has changed to becoming a vocation 14:44 Making the leap from security researcher to founder 18:49 Advice for founders: the 3 types of people to talk to daily 24:19 After WhiteHat: achieving success with SentinelOne 28:54 Moving on to being a venture capitalist 35:25 Advice to budding cybersecurity entrepreneurs: lock on to that one problem 39:37 Why browser security is at odds with the advertising model 43:34 On being a SquareX advisor and investor 49:23 Final thoughts and where to connect with Jeremiah 🔔 Follow Jeremiah and Vivek on: https://www.linkedin.com/in/grossmanjeremiah/ https://www.linkedin.com/in/vivekramachandran/ 🔥 Powered by SquareX SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://sqrx.com/…
 
In our new series, Cybersecurity Community Voices, Anand Thangaraju, Field CISO and cybersecurity expert, shares his journey from engineer to CISO, insights on upcoming threats, advice for aspiring CISOs and more. Packed with practical advice and fresh perspectives, this episode offers valuable lessons for security leaders and practitioners alike. 0:00 Introduction and Anand’s career journey 3:48 What does a field CISO do? 9:09 Addressing browser-based threats, AI in cybersecurity 15:33 Getting buy-in from the boardroom when procuring new solutions 20:50 On creating a new disruptive category in cybersecurity 24:47 How browser threats will evolve and a passwordless future 28:55 Hybrid work and its impact on cybersecurity 32:40 Advice for aspiring leaders 36:19 Closing thoughts: “Always seek learning new things” 🔔 Follow Anand and Aleksandra on: https://www.linkedin.com/in/athangaraju/ https://www.linkedin.com/in/aleksandra-melnikova-1012/ 🔥 Powered by SquareX SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. Find out more about SquareX at https://sqrx.com/…
 