Videos

In this sponsored product demo, Dropzone AI founder and CEO Edward Wu walks Risky Business podcast host Patrick Gray through the company’s AI SOC analyst.

Dropzone is an AI-powered agent that acts as a Level 1 SOC analyst, and it works way better than you’d expect. It can take all your SOC alerts, investigate them, dismiss or escalate them. There are a bunch of really cool use cases for this tech, from saving your staff from the most mind-numbingly boring SOC work, to building a 24/7 capability without having to have staff all over the world.

Request a Demo:

https://www.dropzone.ai/request-a-demo?utm_campaign=6762410-%5BVirtual%20Event%5D%20Risky%20Business%20Podcast&utm_source=sponsorship&utm_medium=podcast%20on%20Youtube&utm_content=demo%20request…

In this edition of Between Two Nerds Tom Uren and The Grugq talk about an in-depth report on a Ukrainian hacking control panel. The panel shows how the Ukrainian group thinks about hacking operations and the pair discuss why the report exists and what it achieves.

Tom Uren and Patrick Gray talk about a SentinelOne report about how it is constantly targeted by both cybercriminal and state-backed hackers. Security firms are high-value targets, so constant attacks on them are the new normal.

They also discuss an article that calls Signal “a kind of dark matter of American politics and media”. Many policy discussions occur on the app, and this explains the Trump administration’s extensive use of the app.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news:

• British retail stalwart Marks & Spencer gets cybered
• South Korean telco sets out to replace all its subscriber SIMs after (we assume) it lost the keymat
• It’s a good exploit week! Bugs in Apple Airplay, SAP webservers, Erlang SSH and CommVault backups
• Juice jacking! No, really! Some researchers actually did it (so still not in the wild, then)
• Anti-DOGE whistleblower sure sounds like he has a point

This week’s episode is sponsored by Knocknoc, who let you glue your firewalls to your single sign on. Knocknoc’s CEO Adam Pointon talks about the joy that having end-to-end IPv6 would bring for zero-trust access control. He also touches on people using Knocknoc inside their network to isolate critical systems. …

In this edition of the Snake Oilers podcast, three sponsors come along to pitch their products:

• LimaCharlie: A public cloud for SecOps

https://limacharlie.io/

• Honeywell Cyber Insights: An OT security/discovery solution

https://process.honeywell.com/us/en/products/ot-cybersecurity/cyber-insights

• Fortra’s CobaltStrike and Outflank: Security tooling for red teamers

https://www.fortra.com/offensive-security-tools https://www.outflank.nl/…

In this edition of Between Two Nerds Tom Uren and The Grugq discuss the Southeast Asian criminal syndicates that run online scam compounds. Should organisations like US Cyber Command or the UK’s National Cyber Force target these gangs with disruption operations?

Tom Uren and Adam Boileau talk about how scam compound criminal syndicates are responding to strong government action by moving operations overseas. It’s good they are being affected, but they are shifting into new countries that don’t have the ability to counter industrial-scale transnational organised crime.

They also discuss CISA’s Secure by Design initiative and that key people behind the program have left the organisation. Given prospective job cuts at CISA it is hard to see the initiative getting a lot of love, but international cyber security authorities should pick up the slack.

In this edition of Between Two Nerds Tom Uren and The Grugq discuss whether cyber operations can be ‘strategic’ and affect the fate of nations.

Tom Uren and Patrick Gray discuss Trump’s order singling out Chris Krebs, former head of CISA, that requires investigations into Krebs and also punishes his employer. It is a move deliberately designed to chill dissent and they look at what the cyber security industry will likely do in response, which is probably not much.

The pair also discuss what is being interpreted as an admission that Chinese senior leadership is behind the Volt Typhoon hacking of US critical infrastructure.

In this edition of Snake Oilers three vendors pitch host Patrick Gray on their tech:

• Pangea: Guardrails and security for AI agents and applications (https://pangea.cloud))

Worried about your AI apps going rogue, being mean to your customers or even disclosing sensitive information? Pangea exists to address these risks. Fascinating stuff.

• Cosive: A threat intelligence company that can host your MISP server in AWS. CloudMISP! (https://www.cosive.com/capabilities/cloud-misp))

Are you running a MISP server on some old hardware under a desk in your SOC? There’s a better way! Cosive can run it for you on AWS so you can just use it instead of wrestling with maintaining it. They also do some CTI consulting to help you get better use out of MISP….