Safe Mode Podcast

In this episode, we sit down with Dave Merkel, CEO of Expel to take an honest, practical look at how AI and automation are reshaping the modern Security Operations Center (SOC). Our discussion covers the most tangible changes in daily SOC operations since AI adoption, cutting through industry hype to reveal which claims deserve skepticism and which use cases have delivered meaningful, measurable value. Dave also gives insights into quantifying unique workloads, shaping policies, and fostering understanding between tech teams and business leaders are also addressed, along with the unintended risks AI can introduce to analyst workflows. In our reporter chat, Greg Otto talks with Tim Starks about a jury verdict that compels NSO Group to pay $168M in damages to WhatsApp over spyware infections.

In this episode, Greg talks with Alexander Leslie, Threat Intelligence Analyst for Recorded Future’s Insikt Group and his research on “Marko Polo” – a notorious cybercriminal empire that orchestrates an array of scams, primarily using infostealer malware. Discover how this sophisticated syndicate has victimized tens of thousands worldwide and raked in millions in illicit revenue. Our guest breaks down the inner workings of these elusive "traffer teams," exploring their adaptable tactics, relentless persistence, and the insidious underground economy they fuel. Greg Otto breaks down his biggest takeaways from the RSAC 2025 Conference.

In this discussion, Alex Pinto, Associate Director of Threat Intelligence at Verizon Business and lead author of the Data Breach Investigations Report, shares vital insights on alarming cybersecurity trends. He highlights a staggering 44% of breaches involving ransomware and discusses the surge in exploited vulnerabilities and zero-day attacks, particularly affecting small and mid-sized businesses. Alongside him, Derek Johnson from CyberScoop dives into security challenges posed by OpenAI's latest GPT model, emphasizing the need for robust testing and risk management.

In this episode, Greg talks with Will Pearce, CEO and Co-founder of Dreadnode about the rapidly evolving field of offensive AI security. Greg and Will discuss the unique challenges researchers face in testing AI models for vulnerabilities compared to traditional software, unveiling how adversarial attacks impact AI security and the ethical considerations at play. We also examine the role of regulatory frameworks and emerging threats, shedding light on how insights from offensive AI security can enhance human-AI interactions and elevate security standards across industries. In our reporter chat, Greg talks with Matt Kapko on Ivanti’s issues with security in their network edge devices.

In this episode, Greg talks with Lior Div, co-founder and CEO of 7AI. Lior and Greg explore how security teams are being reinforced with AI Agents and identify the areas where CISO are embracing this technological shift to optimize their talent resources. We'll also discuss the specific security functions these agents are performing, including email security, threat hunting, and other critical cybersecurity domains. Join us as we delve into the future of AI-augmented cybersecurity teams and the potential impact on the industry's ongoing battle against sophisticated cyber threats. In our reporter chat, Greg talks with Derek Johnson about Google’s experimental LLM made for cybersecurity analysts.

In this episode, Greg Otto talks with Ken Bagnall, CEO of Silent Push Ken sheds light on the dynamics of the current cybercrime ecosystem. Ken reveals that a significant portion of the infrastructure is actually operated by affiliate networks using pre-existing technologies. During the discussion, Ken elaborates on how this ecosystem is fueled and examines the influential role played by affiliate groups, particularly those emerging from Africa and other developing countries. By offering these insights, the episode provides a fresh perspective on the often-overlooked aspects of global cybercrime operations. In our reporter chat, Greg talks with Matt Kapko about the growing problem with remote IT workers from North Korea.

In this episode, Greg Otto talks with Edera co-founder and CTO Alex Zenla, charting her path from beginnings in Minecraft IRC channels to pioneering container isolation technology. Alex discusses her unique expertise in container security, GPU protection, and AI infrastructure, and how Edera is transforming the tech landscape with a commitment to balancing open-source benefits with robust security, setting new standards for cloud security's future. In our reporter chat, Greg talks with Derek B. Johnson about a controversial executive order from Donald Trump that upends the way elections could be conducted in the future.

In this episode, Greg Otto talks with FTI Consulting’s Allie Bohan exploring the challenges organizations face in maintaining effective communication during cyberattacks. Allie and Greg uncover essential strategies for incidents, ensuring companies remain connected with stakeholders even when digital channels are compromised. We also talk on how to keep morale boosted within an organization during a time that many would consider one of the worst chapters in a business’s history. In our reporter chat, Greg talks with Matt Kapko about who is sending those massively annoying scam text messages about unpaid toll violations.

In this episode, Greg Otto talks with Sunil Mallik, the CISO of Discover Financial Services. Sunil shares his career path and the evolving challenges and responsibilities in cybersecurity, covering how he communicates with his board, strategic approaches to cybersecurity, and the importance of balancing technological investment with personnel training. In our reporter chat, Greg talks with Tim Starks about Sean Plankey being nominated for CISA director. Editor's Note: At 13:42, Mallik misspoke about his former employer. He was previously employed by Freddie Mac, not Fannie Mae.

In this episode, Greg Otto talks with Dan Lorenc, CEO and co-founder of Chainguard. They explore the challenges organizations face with CVE management, where dealing with vulnerabilities often drains valuable engineering resources. They also discuss how new visualization tools are redefining this landscape by offering clear insights into CVE trends, empowering teams to make informed decisions and optimize both security and efficiency in their software development processes. In our reporter chat, Greg talks with Matt Kapko about the United States’ indictment of China-linked hackers.