Hacker Valley Studio

By Hacker Valley Media

Welcome back to the show! Hacker Valley Studio podcast features Host Ron Eddings, as he explores the world of cybersecurity through the eyes of professionals in the industry. We cover everything from ... more

4.7

6060 ratings

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Hacker Valley Studio:

How many episodes does Hacker Valley Studio have?

The podcast currently has 417 episodes available.

Hacker Valley Studio episodes:

March 06, 2026 Can AI Do Your Cyber Job? Post Your Job Req and Find Out with Marcus J. Carey
Last episode, Ron and Marcus made predictions. This episode, they brought the receipts.

A journalist built an app with vibe coding and got hacked on live television.

A social network built entirely by AI (not a single line of human code!) exposed 1.5 million authentication tokens and private messages between agents.

And 88% of organizations have already had an AI security incident, while barely 14% of deployed agents ever saw a security review.

The warnings from last episode aged fast. Marcus J. Carey is back to talk about what that actually means for the people building right now, not the people theorizing about it. Ron and Marcus are in the code themselves, and this conversation is what that experience actually looks like: OpenClaw running loose on your machine, agents racking up API bills, and why guidance, not prompts, not tools, is the real skill that separates builders who thrive from builders who ship disasters.
Impactful Moments
00:00 - Introduction
02:00 - Vibe coding hack on live TV
03:30 - Mo Book leaks 1.5M auth tokens
06:00 - Marcus' origin story: War Games, 1983
08:00 - OpenClaw escapes the lab
13:30 - AT&T cuts help desk spend 90%
17:00 - Context is king, guidance is everything
19:00 - Can AI do your job rec right now?
24:00 - The first cybersecurity jobs agents will replace
27:00 - Expertise + AI = 1000x yourself
30:00 - Focus on outcomes, not new tools

Links
Connect with our guest, Marcus J. Carey, on LinkedIn: https://www.linkedin.com/in/marcuscarey/

Read the articles we referenced in this episode:
The vibe coding hack that aired on live TV, ICAEW breaks down exactly how it happened and what it means for anyone building with AI: https://www.icaew.com/insights/viewpoints-on-the-news/2026/feb-2026/cyber-dangers-of-agents-and-vibe-coding

88% of organizations have already had an AI security incident. See the full data from the Cisco State of AI Security 2026 report: https://www.helpnetsecurity.com/2026/02/23/ai-agent-security-risks-enterprise/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

...more
39min
March 06, 2026 Why 69% of CISOs Are Ready to Walk Away with Anthony Johnson
The CISO role isn’t the finish line, it’s a launchpad. 69% of security executives are eyeing the exit, and Anthony Johnson is proof that what comes next can be even bigger.

Anthony Johnson, former Global CISO at JP Morgan and Fannie Mae, now founder and managing partner at Delve Risk, breaks down what really happens when a security leader stops buying tools and starts building companies. From the trap of unpaid advisory boards to why AI is eliminating the entry-level pipeline, Anthony delivers a no-nonsense look at career strategy, the future of fractional work, and why understanding how your company makes money is the most underrated skill in cybersecurity. If you’re a security practitioner at any level, this episode will change how you think about your next move.

Impactful Moments
00:00 - Introduction
01:00 - Meet Anthony Johnson
02:00 - 69% of CISOs want out
06:00 - Why Anthony left the CISO seat
09:00 - Revenue changes your security priorities
11:00 - Career paths after the CISO role
13:00 - The advisory board compensation trap
17:00 - AI’s threat to the talent pipeline
22:00 - Hiring for aptitude over competency
24:00 - Soft skills win in the AI era
29:00 - Corporate loyalty is dead—now what
31:00 - Networking that actually lands roles
34:00 - Know how your company makes money
36:00 - Ron’s personal reflection on freedom

Links
Connect with our guest, Anthony Johnson, on LinkedIn: https://www.linkedin.com/in/anthony-johnson-delverisk/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

...more
41min
February 19, 2026 Securing the Workspace Attackers Already Live In with Rajan Kapoor
Your email gateway isn't enough anymore, attackers are already inside the workspace through OAuth apps, browser extensions, and account takeover.

In this episode, Ron sits down with Rajan Kapoor, VP of Security at Material Security, to break down the real risks hiding inside Google Workspace and Microsoft 365. They cover how phishing has evolved into full-blown business email compromise, why malicious OAuth apps are the new favorite attack vector, and what security teams, especially lean ones, can do right now to lock down their cloud workspace. Rajan also drops practical advice on passkeys, document sharing hygiene, and why data lifecycle management is a problem no one is solving well enough.
Impactful Moments
00:00 – Introduction
03:30 – The current state of phishing
05:30 – Outbound email compromise risk
09:30 – OAuth apps as attack vectors
15:00 – AI agents accessing your workspace
16:00 – Prompt injection is the new SQL injection
18:00 – Allow listing apps immediately
24:30 – Google Workspace vs Microsoft 365 security
27:30 – Custom detections require API expertise
28:00 – Why passkeys matter right now
32:00 – Data lifecycle management for shared docs
Links
Connect with our guest, Rajan Kapoor, on LinkedIn: https://www.linkedin.com/in/rajankkapoor/

Learn more about Material Security: https://material.security

___
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

...more
39min
February 12, 2026 Beating “Checkbox Security” With Continuous Offense with Sonali Shah
Security doesn’t fail because you missed a tool, it fails because “secure today” tricks you into relaxing tomorrow. This episode exposes why the real fight isn’t compliance… it’s whether your defenses hold up once attackers hit you with machine-speed pressure.
Ron sits down with Sonali Shah, CEO of Cobalt, to talk about how human-led, AI-powered penetration testing is evolving into full-spectrum offensive security. Sonali shares how Cobalt can start a test in 24 hours, push findings directly into Slack/Teams and Jira, and use learnings from 5,000+ pentests a year to continuously sharpen what gets caught. The big takeaway: automation finds the easy stuff as humans find the business-logic traps and attack chains that actually break companies.

Impactful Moments
00:00 - Introduction
02:21- Sonali’s unexpected CEO path
06:10 - Compliance isn’t real security
10:19 - PTaaS: start in 24 hours
12:33- 5,000 pentests yearly scale
17:01 - Humans beat automation limits
20:16 - AI behavior vulnerabilities emerge
27:54 - Indirect prompt injection explained
30:51 - Why juniors + AI is risky
38:27 - 2026 becomes AI battleground

Links
Connect with Sonali on LinkedIn: https://www.linkedin.com/in/sonalinshah/

Check out Cobalt: https://www.cobalt.io

____
Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

...more
42min
February 10, 2026 Turning Agent Chaos into a Command Center with Pedram Amini
Text threads made AI feel personal, then agents made it productive, and suddenly “success” turns into chaos you can’t even track.

In this episode, Ron sits down with Pedram Amini, creator of Maestro, to show what agent work looks like when you stop babysitting and start orchestrating. Pedram lays out why context windows are the limiter, why harnessing beats model-chasing right now, and how Auto Run executes task-docs with fresh context every iteration so agents can run for hours (or days) without melting down.

Impactful Moments
00:00 - Intro
02:05 - Codex desktop sparks agent shift
06:40 - Harness beats model iteration
08:10 - Context window: the hidden limiter
12:10 - Terminal sprawl creates agent chaos
14:05 - Maestro panels: agents, tabs, history
17:25 - Auto Run: fresh context per task
26:15 - “Donate tokens” via Symphony PRs
28:20 - AI tax debate gets spicy
33:05 - Start simple: download and run

Links
Connect with Pedram on LinkedIn: https://www.linkedin.com/in/pedramamini/

Check out Maestro for yourself: https://runmaestro.ai/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

...more
38min
January 29, 2026 Why MFA Isn’t the Safety Net You Think It Is with Yaamini Barathi Mohan
Phishing didn’t get smarter, it got better at looking normal. What used to be obvious scams now blend directly into the platforms, workflows, and security controls people trust every day.

In this episode, Ron sits down with Yaamini Barathi Mohan, 2024 DMA Rising Star, to break down how modern phishing attacks bypass MFA, abuse trusted services like Microsoft 365, and ultimately succeed inside the browser. Together, they examine why over-reliance on automation creates blind spots, how zero trust becomes practical at the browser layer, and why human judgment is still the deciding factor as attackers scale with AI.

Impactful Moments
00:00 - Introduction
02:44 - Cloud infrastructure powering crime at scale
07:45 - What phishing 2.0 really means
12:10 - How MFA gets bypassed in real attacks
15:30 - Why the browser is the final control point
18:40 - AI reducing SOC alert fatigue
23:07 - Mentorship shaping cybersecurity careers
27:00 - Thinking like attackers to defend better
31:15 - When trust becomes the attack surface

Links
Connect with our guest, Yaamini Barathi Mohan, on LinkedIn: https://www.linkedin.com/in/yaamini-mohan/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

...more
33min
January 25, 2026 When Cybercrime Learned How to Make Money and Never Looked Back with Graham Cluley
Cybersecurity didn’t start as a billion-dollar crime machine. It started as pranks, ego, and curiosity. That origin story explains almost everything that’s breaking today.

Ron sits down with Graham Cluley, one of the earliest antivirus developers turned trusted cyber voice, to trace how malware evolved from digital graffiti into organized financial warfare. From floppy disks and casino-style viruses to ransomware, extortion, and agentic AI, the conversation shows how early decisions still shape today’s most dangerous assumptions. Graham also explains why AI feels inevitable, but still deeply unfinished inside modern organizations.

Impactful Moments
00:00 - Introduction
04:16 - Malware before money existed
07:30 - Cheesy biscuits changed cybersecurity
13:10 - When documents became dangerous
14:33 - Crime replaced curiosity
15:23 - Sony proved no one was safe
20:15 - Reporting hacks without causing harm
24:01 - AI replacing penetration testers
29:18 - Agentic AI shifts the threat model
36:30 - Why rushing AI breaks trust

Links
Connect with our guest on LinkedIn: https://www.linkedin.com/in/grahamcluley/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

...more
38min
January 22, 2026 Defending Dignity in the Messiest Data on Earth with George Al-Koura
The most dangerous attack surface isn’t your infrastructure, it’s desire under pressure. When people are emotional, impulsive, and hoping for connection, security controls don’t fail… judgment does.

Ron sits down with George Al-Koura, CISO at Ruby Life, to talk about securing some of the most psychologically sensitive data on the internet, and why dating data can carry more real-world risk than financial data. From the fallout of the Tea dating-safety app breaches to impulse-driven human behavior, sexual science, and intel-driven security, this conversation cuts straight to the uncomfortable truth: protecting users means understanding how people actually behave when emotion overrides logic.

Impactful Moments
00:00 - Introduction
01:45 - Tea app breach reality-check
04:26 - Why George chose Ruby Life
09:10 - Dating data hits harder
11:52 - Competitors refuse threat sharing
16:15- AI boosts social engineering
18:47 - Horny brains create risk
19:49 - Sexual science meets security
21:20 - AI avatars dating first
33:13 - Trust is earned in layers
Links
Connect with our guest on LinkedIn: https://www.linkedin.com/in/george-y-al-koura/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

...more
36min
January 18, 2026 When Automation Outruns Control with Joshua Bregler
AI doesn’t break security, it exposes where it was already fragile. When automation starts making decisions faster than humans can audit, AppSec becomes the only thing standing between scale and catastrophe.

In this episode, Ron sits down with Joshua Bregler, Senior Security Manager at McKinsey’s QuantumBlack, to dissect how AI agents, pipelines, and dynamic permissions are reshaping application security. From prompt chaining attacks and MCP server sprawl to why static IAM is officially obsolete, this conversation gets brutally honest about what works, what doesn’t, and where security teams are fooling themselves.

Impactful Moments
00:00 – Introduction
02:15 – AI agents create identity chaos
04:00 – Static permissions officially dead
07:05 – AI security is still AppSec
09:30 – Prompt chaining becomes invisible attack
12:23 – Solving problems vs solving AI
15:03 – Ethics becomes an AI blind spot
17:47 – Identity is the next security failure
20:07 – Frameworks no longer enough alone
26:38– AI fixing insecure code in real time
32:15 – Secure pipelines before production

Connect with our Guest
Joshua Bregler on LinkedIn: https://www.linkedin.com/in/breglercissp/

Our Links
Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

...more
38min
January 15, 2026 The Day AI Stopped Asking for Permission with Marcus J. Carey
AI didn’t quietly evolve, it crossed the line from recommendation to execution. Once agents stopped advising humans and started acting inside real systems, trust replaced experimentation and consequences became unavoidable.

In this episode, Ron sits down with Marcus J. Carey, Principal Research Scientist at ReliaQuest, to examine what happens after AI is given authority: agents running in production, prompt debt replacing technical debt, vibe coding accelerating risk, and maintenance emerging as the true bottleneck. Together, they discuss how cybersecurity, software engineering, and the job market are shifting now that AI operates with autonomy, often faster than organizations can explain what their systems are actually doing.

Impactful Moments
00:00 - Introduction
02:26 - AI agents cross into production
03:35 - Trust boundaries become attack surfaces
6:46 - Vibe coding and hidden technical debt
09:22 - Prompt debt changes everything
17:40 - Why junior knowledge disappears
19:00 - AI replaces repetitive cyber workflows
23:43 - Coding becomes human leverage
29:30 - Fall in love with the problem

Connect with our guest, Marcus J. Carey:
LinkedIn https://www.linkedin.com/in/marcuscarey/

X https://x.com/marcusjcarey

Articles and Books Mentioned:
Article used for discussion: https://www.techradar.com/pro/security/this-webui-vulnerability-allows-remote-code-execution-heres-how-to-stay-safe

Atomic Habits: https://jamesclear.com/atomic-habits-summary

Fall in Love with the Problem, Not the Solution: https://sobrief.com/books/fall-in-love-with-the-problem-not-the-solution

Our Links:
Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

...more
34min

FAQs about Hacker Valley Studio:

How many episodes does Hacker Valley Studio have?

The podcast currently has 417 episodes available.

More shows like Hacker Valley Studio

Hacked by Hacked

Hacked

187 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

372 Listeners

Risky Business by Risky Business Media

Risky Business

373 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

651 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,024 Listeners

Smashing Security by Graham Cluley

Smashing Security

319 Listeners

Click Here by Recorded Future News

Click Here

416 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,078 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

178 Listeners

Hacking Humans by N2K Networks

Hacking Humans

316 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

194 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

73 Listeners

My First Million by Hubspot Media

My First Million

2,663 Listeners

Cybersecurity Headlines by CISO Series

Cybersecurity Headlines

138 Listeners

Hacker And The Fed by Chris Tarbell & Hector Monsegur

Hacker And The Fed

167 Listeners