Security Conversations By cover art

Security Conversations

By: Ryan Naraine
Listen for free

  • Summary

  • Security Conversations covers the business of cybersecurity, from the lens of veteran journalist and storyteller Ryan Naraine. Thoughtful conversations with security practitioners on threat intelligence, zero trust, securing cloud deployments, penetration testing, bug bounties, advancements in offensive research and targeted malware espionage activity. Connect with Ryan on Twitter (Open DMs).
    © 2024 The Naraine Group
    Show more Show less
Episodes
  • Cris Neckar on the early days of securing Chrome, chasing browser exploits

    Cris Neckar on the early days of securing Chrome, chasing browser exploits
    Apr 11 2024
    Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) XZ.fail backdoor detector (https://xz.fail) Cris Neckar is a veteran security researcher now working as a partner at Two Bear Capital. In this episode, he reminisces on the early days of hacking at Neohapsis, his time on the Google Chrome security team, shenanigans at Pwn2Own/Pwnium, and the cat-and-mouse battle for browser exploit chains. We also discuss the zero-day exploit marketplace, the hype and promise of AI, and his mission to help highly technical founders bring products to market.
    Show more Show less
    55 mins
  • Costin Raiu joins the XZ Utils backdoor investigation

    Costin Raiu joins the XZ Utils backdoor investigation
    Apr 5 2024
    Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) XZ.fail backdoor detector (https://xz.fail) Malware paleontologist Costin Raiu returns for an emergency episode on the XZ Utils software supply chain backdoor. We dig into the timeline of the attack, the characteristics of the backdoor, affected Linux distributions, and the reasons why 'Tia Jan' is the handiwork of a cunning nation-state. Based on all the clues available, Costin pinpoints three main suspects -- North Korea's Lazarus, China's APT41 or Russia's APT29 -- and warns that there are more of these backdoors lurking in modern software supply chains.
    Show more Show less
    52 mins
  • Katie Moussouris on building a different cybersecurity businesses

    Katie Moussouris on building a different cybersecurity businesses
    Jan 19 2024
    Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) FwHunt (https://fwhunt.run) Katie Moussouris founded Luta Security in 2016 and bootstrapped it into a profitable business with a culture of equity and healthy boundaries. She is a pioneer in the world of bug bounties and vulnerability disclosure and serves in multiple advisory roles for the U.S. government, including the new CISA Cyber Safety Review Board (CSRB). In this episode, Moussouris discusses Luta Security's new Workforce Platform profit-sharing initiative, the changing face of the job market, criticisms of the CSRB's lack of enforcement authority, and looming regulations around zero-day vulnerability data.
    Show more Show less
    30 mins
Leadership Economics Politics & Government
Show more Show less

What listeners say about Security Conversations

Average customer ratings

Reviews - Please select the tabs below to change the source of reviews.

Audible.com reviews

Amazon reviews
No Reviews are Available