Three Buddy Problem

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Faraday chief executive Federico 'Fede' Kirschbaum joins the show to talk about building a startup in the vulnerability management space, the intricacies of the Argentinian hacking culture, stories of exploit writers and mercenary hackers, and the overwhelming U.S.-centric view of the cybersecurity industry.Links:Faraday at Black Hat 2023Fede on LinkedInFederico Kirschbaum on TwitterEkopartyPadding Oracles Everywhere (Rizzo/Duong)

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Product security executive Kymberlee Price joins the show to gab about life in the trenches at the Microsoft Security Response Center (MSRC), the challenges of maintaining healthy hacker/vendor relationships, the harsh realities of bug-bounty programs, and thoughts on the cybersecurity job market.Links:Kymberlee Price on LinkedInBlueHat Seattle Closing Remarks - YouTubeKeynote: Defenders Assemble - Kymberlee PriceBlueHat | Microsoft

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) New General Manager of the Open Source Security Foundation (OpenSSF) Omkhar Arasaratnam joins Ryan for a candid conversation on the challenges surrounding open-source software security, lessons from the Log4j crisis, the value of SBOMs, and the U.S. government efforts at securing America's software supply chains.Links:OpenSSF Welcomes New General ManagerOpenSSF Alpha-OmegaCSRB report on Log4jBig Tech Object to US Gov SBOM MandateOmkhar Arasaratnam on LinkedIn

Rishi Bhargava, a serial entrepreneur and co-founder of Descope, dives into the exciting world of cybersecurity and passwordless authentication. He discusses the $53 million seed funding that Descope secured and sheds light on the complexities of customer identity management. Rishi shares insights about emerging identity solutions like biometrics, the security challenges faced by startups, and the strategic importance of building trust in a competitive market. He also touches on the unique advantages of Israeli tech talent in cybersecurity.

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Symmetry Systems executive Claude Mandy joins the show to discuss a career in the security trenches, life as a CISO during the WannaCry crisis, and first principles around data security. We dig into the emerging Data Security Posture Management (DSPM) category and how it extends the Zero Trust philosophy to hybrid cloud data stores.Links:Claude Mandy on LinkedInWhat is Data Security Posture Management (DSPM)?The DataGuard SolutionFollow Claude Mandy on Twitter

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Munich Re Ventures investment principal Sidra Ahmed Lefort joins Ryan Naraine for a frank discussion on the state of VC funding in cybersecurity, the rise (and coming correction) in the land of security 'unicorns', the massive early-stage funding rounds and what they mean, layoffs and contractions, and the places in security still ripe for innovation.Links:Sidra Ahmed Lefort on LinkedInPortfolio | Munich Re VenturesWhat's Going on With Cybersecurity VC Investments?Video: VC View - Trends in Cybersecurity Innovation

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) SecuRepairs.org co-founder Paul Roberts joins the show to discuss his passion for the right to repair consumer electronic devices, the big-ticket lobbyists working to undermine the movement, and how changing consumer spending patterns are helping to rack up regulatory wins.Links:SecuRepairs MissionPaul Roberts, Editor-in-Chief, Security Ledger — Paul Roberts, Editor-in-Chief, Security LedgerPaul Roberts on TwitterFight to Repair SubstackTesla is a Vocal Opponent of the Right to Repair. Now we know why. — Tesla is a Vocal Opponent of the Right to Repair. Now we know why.

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Luta Security founder and chief executive Katie Moussouris joins the show to dish on the bug-bounty ecosystem, the abuse of hacker labor, and the common mistakes made by even the most mature security programs. A security industry pioneer, Moussouris argues for better use of bug bounty metrics to drive decisions and a heavy focus on reducing duplicate vulnerability submissions.Links:Katie Moussouris - WikipediaKatie Moussouris on TwitterLuta Security's Vulnerability Coordination Maturity ModelReferral Bounty | Luta Security

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Caleb Sima is a cybersecurity lifer now responsible for security at Robinhood, a mobile stock trading platform. Caleb joins Ryan on the show to discuss the early hacking scene in Atlanta, building SPI Dynamics in a webapp security powerhouse, the evolution of attack surfaces, the CISO's changing priorities, and more...Links:Caleb Sima on LinkedInHP Snaps up SPI DynamicsCaleb Sima (@csima) on TwitterRobinhood BioFirst 90 Days In the CISO Chair

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Famed hacker Charlie Miller joins Ryan on the podcast to discuss a career in vulnerability research and software exploitation. Charlie talks about hacking iPhones and Macbooks at Pwn2Own, the 'No More Free Bugs' campaign, the Jeep hack that led to a recall and his current work securing Cruise's self-driving fleet. Plus, an interesting take on iOS Lockdown Mode.