
Brilliance Security Magazine Podcast

Latest episodes

Jun 19, 2023 • 29min

Identity Security

Welcome to another exciting episode of the Brilliance Security Magazine Podcast! In this episode, our host Steve Bowcut takes a deep dive into the intricate world of identity security with none other than Alex Bovee, CEO and Co-Founder at ConductorOne. From theory to practice, Bovee shares his profound insights on how organizations can effectively implement zero-trust principles, fostering a more secure and resilient cyber environment. They delve into continuous access governance and the concept of complete identity visibility - key components in building a robust security infrastructure. Bovee also provides an overview of ConductorOne's unique features, particularly its automated access and just-in-time capabilities. These offerings, as Bovee explains, are instrumental in creating a seamless yet secure user experience, helping organizations to achieve an optimal balance between accessibility and security. But that's not all - Bovee also gives his predictions for the future of identity security, offering his expert perspective on the evolving landscape of cybersecurity and the challenges and opportunities it presents. Whether you're a seasoned cybersecurity professional or just keen to learn more about the world of digital security, this episode is an absolute must-listen. You won't want to miss Bovee's wealth of knowledge and the valuable insights he shares in this captivating conversation. So, tune in now to Episode 10 of Season 5 of the Brilliance Security Magazine Podcast. Get ready to unpack the complexities of identity security with Alex Bovee and ConductorOne. Remember, your security is only as strong as its weakest link. Let's strengthen those links together! Listen now!
May 22, 2023 • 23min

Security Risks Associated with SaaS Applications

In this exciting episode of Brilliance Security Magazine, host Steven Bowcut sits down with Nick Harrahill, the Director of Support at Spin.AI, a company that is transforming the way businesses approach security in the SaaS environment. The pair delve into the intricacies of the modern SaaS landscape and why it has become so crucial for enterprises to recognize and mitigate the security risks inherent within it. Nick provides invaluable insights from Spin.AI’s recent report, highlighting the prevalence and potential dangers of third-party SaaS applications and browser extensions, specifically in Google Workspace and Microsoft 365 environments. Additionally, Steven and Nick discuss practical strategies for businesses to evaluate the risk levels of the SaaS applications they are currently using and much more. They delve deep into the current state of SaaS security and explore innovative approaches to make your digital workspace safer and more secure. Whether you're a cybersecurity professional or just interested in the field, this conversation offers a wealth of information about the increasingly important topic of SaaS security.

About our Guest

Nick Harrahill is an experienced cybersecurity and business leader. His industry experience includes leading security teams at enterprise companies such as PayPal and eBay, as well as building programs, processes, and operations at cybersecurity start-ups. Nick has managed teams focused on vulnerability management, application security, third-party risk, insider threat, incident response, privacy, and various facets of security operations.

Don't miss this episode if you want to stay informed about the latest trends and challenges in SaaS security. Listen in to understand how you can better protect your business in the dynamic and often challenging landscape of SaaS applications. Tune in today to expand your knowledge and stay ahead of the curve!
May 15, 2023 • 26min

Automated Cloud Infrastructure Remediation

In this riveting episode of the Brilliance Security Magazine podcast, Steven Bowcut sits down with Bob Bregant, COO & Co-founder of OpsHelm, and Lee Brotherston, Founding Engineer at OpsHelm, to delve into the top three cloud security challenges faced by cybersecurity professionals today. Bob and Lee offer valuable insights into how OpsHelm is addressing these pressing concerns and provide expert advice on tackling them. Our guests highlight the magnitude of the problems associated with cloud misconfiguration and share best practices to mitigate these risks effectively. Listen in as they discuss real-world examples and solutions, equipping cybersecurity professionals with the knowledge they need to stay ahead of the curve in this ever-evolving industry.

About our Guests

Bob Bregant spent the last decade-plus growing from managing ticket queues to managing systems, organizational security initiatives, security teams, and clients. He has worked with startups, governments, non-profits, and the Fortune 50, seeing the unique quirks and, more often, finding the common threads that seem to exist across organizations of all stripes.

Lee Brotherston is a seasoned security leader with decades of experience at all levels of security and is the co-author of the hugely successful O'Reilly "Defensive Security Handbook." With a knack for security research, Lee is regularly invited to speak at security conferences like B-sides, BlackHat, and Defcon.

Don't miss this enlightening conversation with industry leaders as they navigate the complex landscape of cybersecurity and empower listeners with actionable strategies to strengthen their defenses. Tune in to the Brilliance Security Magazine podcast now!
Apr 24, 2023 • 16min

How to Secure Your Supply Chain and Get Visibility Into Your Software Security

Welcome to Brilliance Security Magazine podcast, where we discuss the latest trends, challenges, and innovations in the cybersecurity industry. In this episode, host Steve Bowcut interviews Ben Chappell, CEO, and Roger Neal, Head of Products, at Apona Security. Apona Security is a leading provider of Software Composition Analysis (SCA) technology with patented analytics. The topic of the show is "How to Secure Your Supply Chain and Get Visibility Into Your Software Security," where Ben and Roger share their approach to software security and talk about how their platform is unique. The discussion dives into the importance of organizations prioritizing their security as a core part of their development process. During the podcast, Ben and Roger discuss the importance of securing the software supply chain, which has become a critical component of cybersecurity in recent years. They discuss the challenges organizations face and share their approach to mitigating cyber risks. They explain how Apona Security's platform helps organizations gain visibility into their software security by analyzing the software supply chain and identifying potential vulnerabilities.  Ben and Roger emphasize that security should be a core part of the development process, not just an afterthought. They also highlight the importance of educating developers and engineers on secure coding practices to prevent security vulnerabilities in the software.  Moreover, they explain how Apona Security's patented analytics technology sets them apart from other SCA vendors, providing a comprehensive view of the software supply chain and identifying all dependencies and vulnerabilities. They also discuss the importance of continuous monitoring and assessment of the software supply chain, as new vulnerabilities are discovered and patched regularly. 
The discussion highlights the need for proactive measures to protect against potential security threats and the role of technology in helping organizations achieve this goal.

About our Guests

Ben Chappell is an accomplished cybersecurity leader with a wealth of experience in the field. He currently serves as the CEO of Apona Security, where he leads a high-performing team with an OpEx business model, positioning the company as a leader in SCA (Software Composition Analysis) and SAST (Static Application Security Testing). Outside of the office, Ben is a devoted family man, husband, and father of two children. He serves as a head soccer coach in his community. With his extensive global leadership background and passion for innovation, Ben Chappell is poised to drive Apona Security to new heights in the cybersecurity industry.

Roger Neal is the Head of Products at Apona Security, a leading provider of cybersecurity solutions. Roger has a strong background in both athletics and technology, having been a Division One athlete and earning his degree in Information Systems. After graduation, he shifted his focus to cybersecurity and has since become a seasoned professional in the field. In his current role, Roger is responsible for overseeing the development and execution of Apona's product strategy, ensuring that the company's solutions remain at the forefront of the industry. Through his leadership and expertise, Roger has helped Apona Security continue to deliver cutting-edge cybersecurity solutions to clients worldwide.
Apr 10, 2023 • 23min

Lessons Learned From the LastPass Attack

Welcome to S5E6 of the Brilliance Security Magazine Podcast, where we bring you interviews with top security professionals in the industry. In this episode, our host Steve Bowcut is joined by Eric Kedrosky, the CISO at Sonrai Security, to discuss the recent LastPass cyber attack. Eric and Steve dive into the details of how the attack was discovered, the root causes of the breach, and what lessons security professionals can take away from this event. Join us for this insightful conversation on the latest threat to our cybersecurity.

About our Guest

Over the last two decades, Eric Kedrosky has honed his knowledge of Security Program Development, Security Strategy, Security Assessment, Research & Policy Development, and Leadership Development. His passion for collaborating with customers and executives has made him a crucial member of the Sonrai Security team. Few people have the combination of technical and communication skills that have pushed him to the forefront of cloud security assessment and development. Eric graduated from Carleton University in Ottawa, Canada, with a Bachelor of Computer Systems Engineering.
Mar 20, 2023 • 24min

Supply Chain Attacks and Open Source Libraries

In this episode of Brilliance Security Magazine's podcast, host Steve Bowcut interviews Idan Wiener and Bogdan Kortnov of Illustria about the potential risks open-source libraries pose in the context of supply chain attacks. They discuss the current state of these threats and what organizations should be aware of when it comes to open-source libraries. Wiener and Kortnov give details regarding the vulnerabilities in the ecosystem, such as the recent discovery of a popular NPM package. The episode also covers topics such as possible ways to detect malicious activities and other methods for improving security in organizations. By the end of the episode, listeners will better understand open-source library threats and how to address them.

About our Guests

Idan Wiener, CEO at Illustria, has vast experience in both startup and corporate environments, with exposure to international markets. He served seven years as a Captain at the Israeli Naval Academy, leading soldiers and officers in complex classified operations.

With seven years of experience in development and information security, Bogdan Kortnov, CTO at Illustria, began his career as a Pentester before progressing to developing numerous secure systems. Eventually, he became an information security architect, guiding startups and information security firms on secure architecture and development practices.

Don't miss this insightful discussion with Wiener and Kortnov of Illustria! This podcast is an essential resource for anyone interested in supply chain security or learning more about open-source libraries and their risks. Tune in to the Brilliance Security Magazine podcast today and stay informed.
Feb 27, 2023 • 27min

What Security Teams Need to Know about External Attack Surface Management and Continuous Automated Red Teaming

As cybersecurity threats become more sophisticated, organizations must employ new measures to protect their networks, digital assets, and data. By understanding and implementing these concepts, you can help reduce your organization’s risk of a cyberattack. In this episode, cybersecurity expert Bikash Barai, Co-founder of FireCompass, explains how to manage your company’s external attack surface and perform continuous automated red teaming. Host Steven Bowcut and Bikash discuss the importance of external attack surface management and continuous testing of your defenses. Bikash explains the relationship between automated red teaming and attack surface management and offers advice about how organizations can prioritize the tsunami of vulnerabilities they face.

About our Guest

Bikash Barai is a serial cybersecurity entrepreneur. Before co-founding FireCompass, he founded iViZ, an automated application security testing company. He has graduate and post-graduate degrees from the Indian Institute of Technology (IIT) in computer science and architecture. He is passionate about AI, cognitive hacking, and attack simulation. He is credited for several innovations in the domain of IT Security and has multiple patents. Bikash is one of Fortune's 40-under-40 and has also received multiple other recognitions from UC Berkeley, Intel, Nasscom, Red Herring, TiE, & others. Outside of cyber security, Bikash is an amateur magician and painter. He is also passionate about mindfulness meditation, psychology, and philosophy.

Listen to learn more about external attack surface management and continuous automated red teaming.
Feb 20, 2023 • 41min

What Security Professionals Need to Know About Safeguarding Medical Devices and Hospital IoT

Medical devices are becoming increasingly interconnected and vulnerable to cyber-attacks. As a security professional, it's crucial that you understand the risks and how to safeguard these devices. This episode will provide an overview of the medical IoT landscape and critical considerations for protecting these devices. Listen in as Richard Staynings, Chief Security Strategist at Cylera, and Steve Bowcut discuss what security professionals need to know about the ever-increasing threats against IoT devices in the medical environment. They cover the vulnerable devices, the information threat actors seek, the types of attacks they launch, and effective mitigation strategies.

About our Guest

Richard Staynings is a globally renowned thought leader, author, public speaker, and international luminary for healthcare cybersecurity. He has helped governments and private providers formulate long-term strategies and tactical action plans for improved cybersecurity and patient safety across the industry and the world. He has served on numerous working groups and boards. Richard serves as Chief Security Strategist for Cylera, a medical device and Health-IoT security pioneer. He is also the author of Cyber Thoughts, a leading healthcare cybersecurity blog, and teaches postgraduate cybersecurity and health informatics courses at the University of Denver, University College.

Take advantage of this informative discussion about medical and hospital IoT devices.
Feb 15, 2023 • 18min

Insider Threat Trends and Challenges

In Episode S5E2, our guest is Sanjay Raja, VP of Product Marketing and Solutions at Gurucul. Gurucul is a provider of a real-time Cloud-native Next-Gen Analytics and Security Operations Platform. Sanjay shares his informed perspective about the growing threats posed by insiders.

After providing a high-level overview of the scope and magnitude of the insider threat problem, Sanjay offers some trends he has identified and some of the possible causes for the increase in these types of threats. He offers valuable information about what organizations can do to detect and prevent insider threats.

About our Guest

Sanjay holds a CISSP and brings over 20 years of experience in building, marketing, and selling cyber security and networking solutions to enterprises, small-to-medium businesses, and managed service providers. Previously, Sanjay was VP of Marketing at Prevailion, a cyber intelligence startup. Sanjay has also had several successful leadership roles in Marketing, Product Strategy, Alliances, and Engineering.

Be sure to listen in to learn more about the growing problem of insider threats.
Feb 6, 2023 • 24min

Threat Modeling in Modern Software Development

In this episode, Steve Bowcut's guest is Adam Shostack. In this discussion focused on Threat Modeling in Modern Software Development, Adam, a threat modeling expert, lends a unique and compelling perspective. Adam offers a glimpse into his work at Shostack & Associates and provides a high-level overview of threat modeling. Steve and Adam discuss the primary benefits of threat modeling, and listeners are provided with an insider's view of the process. Adam talks about his new book, Threats: What Every Engineer Should Learn From Star Wars, explaining why he wrote the book, its target audience, and some of the takeaways from the book.

About our Guest

Adam is a leading expert on threat modeling and a consultant, entrepreneur, technologist, author, and game designer. He's an Affiliate Professor at the University of Washington, a member of the BlackHat Review Board, and a LinkedIn Learning Author. He currently helps many organizations improve their security via Shostack + Associates. Adam is the author of Threats: What Every Engineer Should Learn From Star Wars.

Listen in to find answers to all your threat modeling questions.
