Best Andrew Leyland Podcasts (2024)

1
Leighton Smith Podcast #250 - August 7th 2024 - Andrew Hollis and Bryan Leyland 1:24:17

6d ago1:24:17

1:24:17

Over the last few years, three men (two New Zealanders and a South African) have researched the “science” of global warming. They are not “climate scientists”, rather they are laymen. Unrestricted by career threats, they published “CLIMATE ACTUALLY, AND SOME TAKEAWAYS’. They are now about to release volume two. Further details are in the interview …

1
Quantum AI Drones, Ransomhub, Pixel, Mad Liberator, the return of Russ Beauchemin... - SWN #407 40:01

12m ago40:01

40:01

Quantum AI Drones, Ransomhub, Pixel, Mad Liberator, the return of Russ Beauchemin, and More on the Security Weekly News Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-407

1
Highlights from BlackHat/DefCon, Vulnerabilities, and Cyber Marketing Challenges - Brett Stone-Gross, Rakesh Nair, Rekha Shenoy, Marty Momdjian - ESW #372 2:08:47

33m ago2:08:47

2:08:47

In this conversation, the hosts discuss patchless patching, vulnerabilities in the Windows TCP/IP stack, and the trustworthiness of Microsoft. They highlight the challenges of marketing in the cybersecurity industry and the importance of building trust with customers. The conversation also touches on the need for vendors to prioritize security and …

1
Cybersecurity Myths - Eugene Spafford - PSW #839 3:08:31

23h ago3:08:31

3:08:31

Early on in his career Spaf was working with microcode and continued to work on technical projects. As time went on he realized that focusing on the non-technical work, such as policies and shaping our thinking, would help move the needle. Borrowing concepts from his book on the subject, we will delve into some cybersecurity myths such as: Are user…

1
Leighton Smith Podcast #251 - August 14th 2024 - Professor Robert MacCulloch 1:27:16

1h ago1:27:16

1:27:16

Robert MacCulloch has a resume to be envied. He began his tertiary education at the University of Auckland, continued it at London School of Economics and Princeton University, He was Director of the PhD Program at Imperial College London. He has been awarded numerous prizes along the way, and returned to NZ twelve years ago. He is Professor of Mac…

1
When Appsec Needs to Start Small - Kalyani Pawar, Danny Jenkins, Nikos Kiourtis - ASW #295 1:08:53

9m ago1:08:53

1:08:53

Startups and small orgs don't have the luxury of massive budgets and large teams. How do you choose an appsec approach that complements a startup's needs while keeping it secure. Kalyani Pawar shares her experience at different ends of an appsec maturity spectrum. In complex software ecosystems, individual application risks are compounded. When it …

1
DEFCON Hijinx, AMD, Ukraine, FreeBSD, OpenVPN, the Pwnie Awards, Josh Marpet... - SWN #406 29:13

1h ago29:13

29:13

DEFCON Hijinx, AMD, Ukraine, FreeBSD, OpenVPN, the Pwnie Awards, Josh Marpet, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-406

1
Security Money: Crowdstrike Crashes the Index - BSW #360 1:03:11

12h ago1:03:11

1:03:11

This week, it’s time for security money, our quarterly review of the money of security, including public companies, IPOs, funding rounds and acquisitions from the previous quarter. This quarter, Crowdstrike crashes the index, as Thoma Bravo acquires another index company. The index is currently made up of the following 25 pure play cybersecurity pu…

1
0.0.0.0, Blacksuit, OpenAI, AWS, Cisco Phones, Win 10, Aaran Leyland, and More... - SWN #405 30:42

4d ago30:42

30:42

0.0.0.0, Blacksuit, OpenAI, AWS, Cisco Phones, Win 10, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-405

1
AI Red Teaming and AI Safety - Sounil Yu, Amanda Minnich - ESW #371 2:18:23

6d ago2:18:23

2:18:23

In this interview we explore the new and sometimes strange world of redteaming AI. I have SO many questions, like what is AI safety? We'll discuss her presence at Black Hat, where she delivered two days of training and participated on an AI safety panel. We'll also discuss the process of pentesting an AI. Will pentesters just have giant cheatsheets…

1
Downgrades and Attacking Security Things & Things Not to Miss at BH/DC - Trent Lo - PSW #838 3:07:57

5d ago3:07:57

3:07:57

This week, Downgrade attacks, bootloader fun, check your firmware before you wreck your firmware, you've got mail server issues, Ivanti is the new Rhianna, you should update your BIOS, Openwrt dominates, and attacking the security tools for fun and profit! Learn what is most interesting at hacker summer camp this year! Visit https://www.securitywee…

1
Fake IDS, Storm Bamboo, uBlock, Rhysida, Snake, Delta, TikTok, Josh Marpet... - SWN #404 33:03

7d ago33:03

33:03

Fake IDS, Storm Bamboo, uBlock, Rhysida, Snake, Delta, TikTok, Josh Marpet, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-404

1
Building Successful Security Champions Programs - Marisa Fagan - ASW #294 1:10:17

7d ago1:10:17

1:10:17

Even though Security Champions programs look very different across organizations and maturity levels, they share core principles for becoming successful. Marisa shares her experience in building these programs to foster a positive security culture within companies. She explains the incentives and rewards that lead to more engagement from champions …

1
Say Easy, Do Hard - Job Search Strategies for CISOs - Part 1 - Merlin Namuth, Brad Rager - BSW #359 57:05

8d ago57:05

57:05

Inspired by my co-host Jason Albuquerque, this quarter's Say Easy, Do Hard segment is Job Search Strategies for CISOs. In part 1, we discuss the challenges facing the CISO role and it's hiring. As CISOs leave the role, the position is not necessarily being refilled. How will this impact future CISO hiring? Inspired by my co-host Jason Albuquerque, …

1
Cybersecurity's Love Affair with Distractions - Fred Wilmot, Dani Woolf - ESW #370 2:18:08

11d ago2:18:08

2:18:08

Remember 20 years ago? When we were certain SIEMs would grant our cybersecurity teams superpowers? Or 10 years ago, when we were sure that NGAV would put an end to malware as we knew it? Or 15 years ago, when we were sure that application control would put an end to malware as we knew it? Or 18 years ago, when NAC would put an end to unauthorized n…

1
Taco Bell AI, Azure, Scams, AI Emails, IBM, Crowdstrike, Aaran Leyland, and More... - SWN #403 31:29

11d ago31:29

31:29

Taco Bell AI, Azure, Scams, AI Emails, IBM, Crowdstrike, I try to be more succinct, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-403

1
PK Fail - John Loucaides - PSW #837 3:22:11

12d ago3:22:11

3:22:11

John is one of the foremost experts in UEFI and joins us to talk about PK Fail! What happens when a vendor in the supply chain accidentally loses a key? It's one of the things that keeps me up at night. Well, now my nightmare scenario has come true as a key has been leaked. Learn how and why and what you can do about it in this segment! Hacking tra…

1
Leighton Smith Podcast #249 - July 31st 2024 - Patrick Basham & Ramesh Thakur 1:32:14

13d ago1:32:14

1:32:14

Patrick Basham returns to The Leighton Smith Podcast with the Democracy Institute’s polling for the 2024 Presidential election, in association with the Daily Express. Patrick has built a reputation with us as being arguably the most articulate researcher and commentator on electoral matters. He also answers the question as to whether “diversity, eq…

1
Forever mouse, RPC, WhatsApp, NIST, PKFail, 0Auth, Josh Marpet, and More... - SWN #402 32:05

14d ago32:05

32:05

Forever Mouse, RPC, WhatsApp, NIST, PKFail, 0Auth, Josh Marpet, and More, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-402

1
A CISO's Perspective on AI, Appsec, and Changing Behaviors - ASW #293 45:18

17d ago45:18

45:18

Modern appsec isn't modern because security tools got shifted in one direction or another, or because teams are finding and fixing more vulns. It's modern because appsec is meeting developer needs and supporting the business. Paul Davis talks about how AI is (and isn't) changing appsec, the KPIs that reflect outcomes rather than being busy, and the…

1
Identity Security Posture Management - Allan Alford, Dor Fledel - BSW #358 1:02:51

15d ago1:02:51

1:02:51

Identity, the security threat that keeps on giving. For the 17th year in a row, identity is one of the top threats identified in the Verizon DBIR. Why? Dor Fledel, Senior Director of Product Management at Okta and Co-Founder of Spera, joins Business Security Weekly to discuss the challenges of identity and how to solve them. From numerous disparate…

1
Generative AI (as used by defenders AND attackers) will Drive SOC Evolution - Greg Notch, Edward Wu - ESW #369 1:58:49

18d ago1:58:49

1:58:49

The emergence of generative AI has caused us to rethink things on two fronts: how we consume threat detection data, as defenders how we need to shift our thinking and approaches to prepare for attackers' newfound GenAI capabilities But wait - is GenAI even useful for defenders or attackers? We'll dive deep into the state of AI as it pertains to sec…

1
Twitter, the DOJ, DarkSeoul, Fake Employees, PlugX, Stargazer Ghost, Aaran Leyland... - SWN #401 31:59

18d ago31:59

31:59

Twitter Opt-In, the DOJ, DarkSeoul, Fake Employees, PlugX, Stargazer Ghost, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-401

1
MS Patch Tuesday: Which Vulnerabilities Really Need Prioritizing. - Douglas McKee - PSW #836 3:04:36

19d ago3:04:36

3:04:36

Doug and the Security Weekly crew talk about vulnerabilities, are we patching the right things? This is the burning question. We will try to answer it. Segment Resources: https://blog.sonicwall.com/en-us/2024/04/patch-tuesday-which-vulnerabilities-really-need-prioritizing/ Segment description coming soon!The Crowdstrike incident: what happened and …

1
Leighton Smith Podcast #248 - July 24th 2024 - Ramesh Thakur 1:20:57

20d ago1:20:57

1:20:57

Ramesh Thakur is well known to this audience; he has appeared on the Leighton Smith Podcast more than once. There was much to catch up on. His views on the world and its various parts are substantiated by life experience. He taught at a number of universities including Otago and ANU Canberra and Rector at the U.N. University. He was also an assista…

1
Killer Robots, Crowdstrike, Southwest, Play, FrostyGoop, Josh Marpet and More - SWN #400 34:11

21d ago34:11

34:11

Elon's Killer Robots, Crowdstrike and More Crowdstrike, Southwest, Play, FrostyGoop, Josh Marpet, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-400

1
Where Generative AI Can Actually Help Security (And Where It Doesn't) - Farshad Abasi, Allie Mellen - ASW #292 1:05:00

21d ago1:05:00

1:05:00

Generative AI has produced impressive chatbots and content generation, but however fun or impressive those might be, they don't always translate to value for appsec. Allie brings some realistic expectations to how genAI is used by attackers and can be useful to defenders. Segment resources: https://www.forrester.com/blogs/generative-ai-will-not-ful…

1
Closing CISO-CEO Communication Gap Requires a Common Business Language - Sumedh Thakar, Jeff Recor - BSW #357 1:11:22

21d ago1:11:22

1:11:22

Back in April, we covered a story on episode #348 titled "CISO-CEO communication gaps continue to undermine cybersecurity". In that article, Sumedh Thakar, the CEO at Qualys, stated "CISOs must translate technical risks into business impact for CEOs." But he didn't say how. So, we invited him on the show to explain. In this episode, Sumedh walks us…

1
Analyzing the CrowdStrike Incident and Its Ripple Effects - SWN #399 42:17

25d ago42:17

42:17

In this episode of Security Weekly News, Dr. Doug White and Josh Marpet delve into the widespread impact of the recent CrowdStrike and Microsoft technical issue, which disrupted various industries, including airlines, DMVs, and hospitals. They discuss the interconnectedness of modern systems, the reliance on automatic updates, and the critical need…

1
Jump-starting SOC Analyst Careers, Addressing Cybersecurity Industry Challenges, and Historic Rumors in Enterprise Security - ESW #368 2:06:23

25d ago2:06:23

2:06:23

In this episode of Enterprise Security Weekly, we revisit the insightful book "Jump-start Your SOC Analyst Career" with authors Jarrett Rodrick and Tyler Wall, exploring updates on career paths, opportunities, and the industry's reality. We delve into the myths versus the truths about cybersecurity careers, discussing the viability of high salaries…

1
3D Printing For Hackers - David Johnson - PSW #835 3:01:58

26d ago3:01:58

3:01:58

Thinking about getting a 3D printer or have one and need a good primer? Check out this segment, we live 3D print a Captain Crunch whistle and talk all about 3D printing for hackers! Segment Resources: Slides used in this segment: https://files.scmagazine.com/wp-content/uploads/2024/07/3D-Printing-for-Hackers.pdf Major 3D Printer Websites: https://v…

1
Leighton Smith Podcast #247 - July 17th 2024 - Jordan Williams & George Friedman 1:29:44

27d ago1:29:44

1:29:44

Estonia is gifted with the world’s most efficient and balanced tax regime. Co-founder of the New Zealand Taxpayer’s Union, Jordan Williams suggests our Prime Minister should look seriously at that system for New Zealand. It’s easy to argue it is way better than what we have. We have a different perspective on the attempted assassination of Donald T…

1
Floppy Disks, Exim, Kaspersky, Darkgate, AT&T, Josh Marpet and more... - SWN #398 29:20

28d ago29:20

29:20

Floppy Disks, Exim, Kaspersky, Darkgate, AT&T, Josh Marpet, and more are on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-398

1
Producing Secure Code by Leveraging AI - Stuart McClure - ASW #291 1:09:02

28d ago1:09:02

1:09:02

How can LLMs be valuable to developers as an assistant in finding and fixing insecure code? There are a lot of implications in trusting AI or LLMs to not only find vulns, but in producing code that fixes an underlying problem without changing an app's intended behavior. Stuart McClure explains how combining LLMs with agents and RAGs helps make AI-i…

1
Solving the Complexities of Cyber Insurance for SMBs - Brian Fritton - BSW #356 1:06:15

29d ago1:06:15

1:06:15

Cyber insurance underwriting is all over the map. With such a variation in application requirements, how should small and medium businesses prepare to receive the best policy for the price? Brian Fritton joins Business Security Weekly to discuss a systematic approach to preparing for cyber insurance. By working with the underwriters, this approach …

1
Autobahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More... - SWN #397 34:19

1M ago34:19

34:19

Wir fahren auf der AutoBahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-397

1
Joiners, Movers, Leavers, and Failures: Why is Identity Management Still Struggling? - Henrique Teixeira - ESW #367 1:31:28

1M ago1:31:28

1:31:28

I'm always thrilled to chat with ex-analysts, and Henrique Teixeira can cover a lot of ground with us on the topic of identity management and governance. The more I talk to folks about IAM/IGA, the more I'm shocked at how little has changed. If anything, it seems like we've gone backwards a bit, with the addition of cloud SaaS, mobile devices, and …

1
RFID hacking & More Vulnerability Shenanigans - Iceman - PSW #834 3:30:33

1M ago3:30:33

3:30:33

Bats in your headset, Windows Wifi driver vulnerabilities, Logitech's dongles, lighthttpd is heavy with vulnerabilities, node-ip's not vulnerability, New Intel CPU non-attacks, Blast Radius, Flipper Zero alternatives, will OpenSSH be exploited, emergency Juniper patches, and the D-Link botnet grows. Iceman comes on the show to talk about RFID and N…

1
Leighton Smith Podcast #246 - July 10th 2024 - Anthony O’Brien 1:17:06

1M ago1:17:06

1:17:06

One of the best and most interesting interviews we’ve done. Tony O’Brien was born and raised in New Zealand. His life has followed a fascinating path, working in Australia, Britain, Canada, Hungary and beyond in a variety of capacities. In his work he "did not have a plan, just took advantage of opportunities as they presented." He is intelligent, …

1
State Of Application Security 2024 - Sandy Carielli, Janet Worthington - ASW #290 1:12:41

1M ago1:12:41

1:12:41

Sandy Carielli and Janet Worthington, authors of the State Of Application Security 2024 report, join us to discuss their findings on trends this year! Old vulns, more bots, and more targeted supply chain attacks -- we should be better at this by now. We talk about where secure design fits into all this why appsec needs to accelerate to ludicrous sp…

1
Zotac, Eldorado, Donex, Qlins, Ticketmaster, AI, Physical Security, Aaran Leyland... - SWN #396 34:06

1M ago34:06

34:06

Zotac, Eldorado, Donex, Qlins, Ticketmaster, AI, Physical Security, Aaran Leyland, and more, are on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-396

1
Technology Rationalization in Cybersecurity - Max Shier - BSW #355 1:00:30

1M ago1:00:30

1:00:30

On average, CISOs manage 50-75 security products. Many of these products have either not been deployed or only partially deployed, while others overlap of products. How do CISOs effectively consolidate their products to a manageable size? Max Shier, Chief Information Security Officer at Optiv Security, joins Business Security Weekly to discuss tech…

1
Binary - SWN Vault 25:56

1M ago25:56

25:56

Check out this interview from the SWN Vault, hand picked by main host Doug White! This segment was originally published on July 20, 2017. Doug talks about how to count from zero to one! Show Notes: https://securityweekly.com/vault-swn-18

1
Hacker Heroes - Joe Grand - PSW Vault 1:43:58

1M ago1:43:58

1:43:58

Exploring the Hardware Hacking Realm with Joe Grand, AKA Kingpin Joe Grand, also known by his hacker pseudonym "Kingpin," stands as a prominent figure in the cybersecurity landscape. With an extensive background in hardware hacking, reverse engineering, and embedded systems, Joe has carved a niche for himself as a respected authority in the field. …

1
Leighton Smith Podcast #245 - July 3rd 2024 - James Bovard 1:30:29

1M ago1:30:29

1:30:29

James Bovard is a Libertarian Journalist and Author. Thirteen books published. In his first ’The Farm Fiasco’ (1989) he referenced NZ as a world leader in farming. In 1994 came ‘Lost Rights; The Destruction of American Liberty’ We interviewed in April 2021 re Covid. Now thirty years after Lost Rights, comes ‘Last Rights; The Death of American Liber…

1
How To Avoid Being Phished - SWN Vault 46:06

1M ago46:06

46:06

Check out this interview from the SWN Vault, hand picked by main host Doug White! This Secure Digital Life segment was originally published on March 6, 2017. Have you ever wondered what phishing is? Do you know what spear phishing attacks are? Doug and Russ explain how to protect yourself from phishing scams in the inaugural episode of Secure Digit…

1
CISOs 2023 Planning Guide: Forecast The Recession's Impact On Your Program - Jeff Pollard - BSW Vault 33:21

1M ago33:21

33:21

Check out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on October 11, 2022. As 2023 approaches, security leaders are hard at work preparing their budgets, identifying their projects, and setting their priorities for the next twelve months. At the same time, the growth mode days of …

1
MoveIT, Entrust, Fed Reserve, ISPs, Volt Typhoon & More - Chris Wolski - SWN #395 29:10

2M ago29:10

29:10

Healthcare and malware, MoveIT, Chrome won't trust Entrust, the discovery of Volt Typhoon, & more on this episode of the Security Weekly News! Segment Resources: https://therecord.media/volt-typhoon-targets-underestimated-cisa-says Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-395…

1
The risks and best practices of deploying AI to an enterprise - Martin Roesch, Anurag Lal - ESW #366 2:16:26

2M ago2:16:26

2:16:26

We all might be a little worn out on this topic, but there's no escaping it. Executives want to adopt GenAI and it is being embedded into nearly every software product we use in both our professional and personal lives. In this interview, Anurag joins us to discuss how his company evaluated and ultimately integrated AI-based technologies into their…

1
Do We Need Penetration Testing and Vulnerability Scanning? - Josh Bressers, Adrian Sanabria - PSW #833 2:51:52

2M ago2:51:52

2:51:52

This may be controversial, however, we've been privately discussing how organizations benefit from penetration testing and vulnerability scanning. Do you still need these services as a critical part of your security program? Can't you just patch stuff that is missing patches? Tune in for a lively debate! Zyxl NAS devices are under attack and the ex…

Podcasts Worth a Listen

Andrew Leyland Podcasts

Podcasts Worth a Listen

Quick Reference Guide