A conversation with Bishop Fox chief executive Vinnie Liu on the origins and evolution of the pentest services business, the emerging continuous attack surface management space, raising $75m as a 'growth mode' investment, cybersecurity's people problem, and much more...Links:Vinnie Liu on LinkedInVinnie Liu at MS BlueHat v8Anti-Drone Tools Tested: From Shotguns To Superdrones

Network security pioneer Marty Roesch takes listeners on a trip down memory lane, sharing stories from the creation of Snort back in the 1990s, the startup journey of building Sourcefire into an IDS/IPS powerhouse and selling the company for $2 billion, the U.S. government killing a Check Point acquisition, and his newest adventure as chief executive at Netography.Links:Martin Roesch on LinkedInMartin Roesch - WikipediaMartin Roesch on TwitterThe early days of SnortCisco Banks On Sourcefire And Snort For Its Security FutureCheck Point Aborts Sourcefire AcquisitionMartin Roesch joins Netography as CEO

Serial entrepreneur Subbu Rama joins the show to talk about building a cybersecurity business, addressing the problem of entitlement sprawl and raising seed funding for intelligent access governance technology.Links:BalkanID Platform ArchitectureSubbu Rama on LinkedInSubbu Rama on Twitter

Maddie Stone is a security researcher in Google's Project Zero team. Over the last few years, she has publicly tracked the discovery and disclosure of zero-day malware attacks seen in the wild. On this episode, Maddie joins Ryan to chat about three years of zero-day exploitation data, the nuances around 0day disclosures, the never-ending struggle to mitigate memory corruption attacks and the need for transparency among affected vendors.Links:A Year in Review of 0-days Used In-the-Wild in 2021Maddie Stone on LinkedIn0day "In the Wild" Spreadsheet Maddie Stone on Twitter

Symmetry Systems co-founder Mohit Tiwari has been studying data security and control flow access for more than a decade. On this episode of the podcast, he discusses his transition from academia to data security entrepreneurship, first principles around the data security and privacy, the exploding DSPM (data security posture management) space, and the mission to solve one of cybersecurity's biggest problems.Links:Mohit Tiwari | University of Texas at AustinMohit Tiwari on LinkedInFollow Mohit on TwitterSymmetry Systems DataGuardWhy is DSOS an unsolved problem?

Director at Google's Threat Analysis Group (TAG) Shane Huntley joins the show and talks about lessons from the 2009 Aurora attacks, the surge in zero-day discoveries, the usefulness of IOCs, North Korean APT operations, private sector mercenary hackers, the expanding nation-state threat actor map, and much more...Links:Shane Huntley on LinkedInTwitter: @ShaneHuntleyProject Zero: FORCEDENTRY Sandbox EscapeGoogle and Operation Aurora A walk through Google Project Zero metricsProject Zero: 0day "In the Wild" Database

Netskope security chief Lamont Orange joins the show to chat about the changing role of the Chief Information Security Officer (CISO), managing security as a business enabler, the cybersecurity skills shortage, and his own unique approach to security leadership.Links:Lamont Orange: A CISO's Point of View on Log4jFive minutes with Lamont OrangeLamont Orange columns on DarkReading

Thinkst founder and CEO Haroon Meer joins Ryan Naraine on the show to talk about building a successful cybersecurity company without venture capital investment, fast-moving attack surfaces and the never-ending battle to mitigate memory corruption issues.Links:Haroon Meer on TwitterThinkst: We bootstrapped to $11 million in ARRMemory Corruption and Hacker FolkloreThinkst CanaryPodcast: Haroon Meer, Thinkst Applied Research

Chief executive officer at Egress Tony Pepper joins the show to talk about entrepreneurship in the fast-paced age of modern computing, the state of e-mail security, and his company's bet on securing the future of messaging in the enterprise.Links:About EgressTony Pepper on LinkedInInfoSecurity Interview: Tony Pepper

Justin Campbell leads Microsoft’s Offensive Research and Security Engineering (MORSE) team. He joins the show to talk about his team's discovery of a SolarWinds in-the-wild zero-day, the never-ending stream of memory safety vulnerabilities, the evolving 'shift-left' mindset and Redmond's ongoing work to reduce attack surfaces.Links:Microsoft Flags SolarWinds Serv-U 0-day exploitSolarWinds Serv-U RCE advisoryIn-the-wild zero-day counterHacked SolarWinds Software Lacked Basic Anti-Exploit Mitigation