Security Conversations
Ryan Naraine
Security Conversations covers the business of cybersecurity, from the lens of veteran journalist and storyteller Ryan Naraine. Thoughtful conversations with security practitioners on threat intelligence, zero trust, securing cloud deployments, penetration testing, bug bounties, advancements in offensive research and targeted malware espionage activity. Connect with Ryan on Twitter (Open DMs).
Catégories: Technologie
Ajouter à ma liste
Écoutez le dernier épisode:
Episode sponsors:
- Binarly, the supply chain security experts (https://binarly.io)
- XZ.fail backdoor detector (https://xz.fail)
Cris Neckar is a veteran security researcher now working as a partner at Two Bear Capital. In this episode, he reminisces on the early days of hacking at Neohapsis, his time on the Google Chrome security team, shenanigans at Pwn2Own/Pwnium, and the cat-and-mouse battle for browser exploit chains. We also discuss the zero-day exploit marketplace, the hype and promise of AI, and his mission to help highly technical founders bring products to market.
Links:
- Unedited transcript (AI-generated)
- Cris Neckar on LinkedIn
- Cris Neckar Bio (Two Bear Capital)
- Teenager hacks Google Chrome with three 0days
- Research on Trident zero-day flaws
- Cris Neckar podcast transcript (Unedited)
Épisodes précédents
-
117 - Cris Neckar on the early days of securing Chrome, chasing browser exploitsThu, 11 Apr 2024 - 0h
-
116 - Costin Raiu joins the XZ Utils backdoor investigationFri, 05 Apr 2024 - 0h
-
115 - Katie Moussouris on building a different cybersecurity businessesFri, 19 Jan 2024 - 0h
-
114 - Costin Raiu: The GReAT exit interviewMon, 15 Jan 2024
-
113 - Danny Adamitis on an 'unkillable' router botnet used by Chinese .gov hackersFri, 05 Jan 2024 - 0h
-
112 - Allison Miller talks about CISO life, protecting identities at scaleThu, 21 Dec 2023 - 0h
-
111 - Rob Ragan on the excitement of AI solving security problemsThu, 07 Dec 2023 - 0h
-
110 - Seth Spergel on venture capital bets in cybersecurityTue, 21 Nov 2023 - 0h
-
109 - Dan Lorenc on fixing the 'crappy' CVE ecosystemTue, 14 Nov 2023 - 0h
-
108 - Cisco Talos researcher Nick Biasini on chasing APTs, mercenary hackersTue, 07 Nov 2023 - 0h
-
107 - Allison Nixon on disturbing elements in cybercriminal ecosystemWed, 01 Nov 2023 - 0h
-
106 - Dakota Cary on China's weaponization of software vulnerabilitiesFri, 15 Sep 2023 - 0h
-
105 - Abhishek Arya on Google's AI cybersecurity experimentsTue, 12 Sep 2023 - 0h
-
104 - Dr Sergey Bratus on the 'citizen science' of hackingThu, 31 Aug 2023 - 0h
-
103 - DARPA's Perri Adams on CTF hacking, new $20M AI Cyber ChallengeSun, 20 Aug 2023 - 0h
-
102 - Ryan Hurst on tech innovation and unsolved problems in securityWed, 16 Aug 2023 - 0h
-
101 - Jason Chan on Microsoft's security problems, layoffs and startupsMon, 07 Aug 2023 - 0h
-
100 - GitHub security chief Mike Hanley on secure coding, AI and SBOMsWed, 02 Aug 2023 - 0h
-
99 - Jason Shockey, Chief Information Security Officer, Cenlar FSBWed, 26 Jul 2023 - 0h
-
98 - Federico Kirschbaum on a life in the Argentina hacking sceneWed, 19 Jul 2023 - 0h
-
97 - Kymberlee Price reflects on life at the MSRC, hacker/vendor engagement, bug bountiesWed, 12 Jul 2023 - 0h
-
96 - OpenSSF GM Omkhar Arasaratnam on open-source software securityWed, 05 Jul 2023 - 0h
-
95 - Serial entrepreneur Rishi Bhargava on building another cybersecurity companyMon, 10 Apr 2023 - 0h
-
94 - Claude Mandy on CISO priorities, data security principlesMon, 06 Mar 2023 - 0h
-
93 - Sidra Ahmed Lefort dishes on VC investments and cyber uncertaintiesWed, 15 Feb 2023 - 0h
-
92 - Paul Roberts on wins and losses in the 'right to repair' battleThu, 19 Jan 2023 - 0h
-
91 - Katie Moussouris on where bug bounties went wrongThu, 08 Dec 2022 - 0h
-
90 - Robinhood CSO Caleb Sima on a career in the security trenchesTue, 08 Nov 2022 - 0h
-
89 - Charlie Miller on hacking iPhones, Macbooks, Jeep and Self-Driving CarsTue, 18 Oct 2022 - 0h
-
88 - JAG-S on big-game malware hunting and a very mysterious APTMon, 17 Oct 2022 - 0h
-
87 - Chainguard's Dan Lorenc gets real on software supply chain problemsThu, 13 Oct 2022 - 0h
-
86 - Vinnie Liu discusses a life in the offensive security trenchesSun, 07 Aug 2022
-
85 - Down memory lane with Snort and Sourcefire creator Marty RoeschMon, 25 Jul 2022
-
84 - Subbu Rama, co-founder and CEO, BalkanIDWed, 01 Jun 2022 - 0h
-
83 - Project Zero's Maddie Stone on the surge in zero-day discoveriesTue, 10 May 2022 - 0h
-
82 - Prof. Mohit Tiwari on the future of securing data at scaleFri, 06 May 2022 - 0h
-
81 - Google's Shane Huntley on zero-days and the nation-state threat landscapeMon, 04 Apr 2022 - 0h
-
80 - Lamont Orange, CISO, NetskopeMon, 21 Mar 2022 - 0h
-
79 - Haroon Meer on the business of cybersecuritySat, 19 Mar 2022
-
78 - Tony Pepper, co-founder and CEO, EgressTue, 22 Feb 2022 - 0h
-
77 - Microsoft's Justin Campbell on offensive security researchSat, 08 Jan 2022 - 0h
-
76 - Costin Raiu on the .gov mobile exploitation businessThu, 23 Dec 2021 - 0h
-
75 - Amanda Gorton, co-founder and CEO, CorelliumMon, 20 Dec 2021 - 0h
-
74 - Intel's Venky Venkateswaran on hardware-enabled securityThu, 09 Sep 2021 - 0h
-
73 - Sounil Yu on SBOMs, software supply chain securityTue, 13 Jul 2021 - 0h
-
72 - Algirde Pipikaite, Centre for Cybersecurity, World Economic ForumTue, 06 Jul 2021 - 0h
-
71 - Josh Schwartz on red-teaming and proactive security engineeringFri, 18 Jun 2021 - 0h
-
70 - Michael Laventure, threat detection and response, NetflixThu, 10 Jun 2021 - 0h
-
69 - Google's Heather Adkins on defenders playing the long gameWed, 26 May 2021 - 0h
-
68 - Collin Greene, head of product security, FacebookTue, 25 May 2021
Afficher plus d'épisodes
5
