We first met Venu and his co-founder, Srini, in 2019 in Singapore during the RSA Conference Launch Pad event. Their company, WeSecureApp, was a finalist for the startup challenge and ultimately came out on top as the winners of the inaugural Launch Pad in Singapore.

The lack of visibility into how new (dare we say, “next-gen”) information technologies work—the black box effect—is beginning to give pause to many organizations looking to leverage such technologies to help them succeed with their IT security management programs. Without a view into how the data is analyzed paired with a lack of visibility for how the results can be connected back to the operations—and the business—means that organizations are forced to blindly trust that their vendors are doing the best things, the right thing.

Honestly, we had no plans for this podcast. But who needs a plan when you have Chris on the other side of the mic? From our love for dogs to immortality, and everything in between—we talk about a ton of stuff.

There’s more to this conversation than can be captured here. You just need to listen to us—or our replicas—before you run off to buy a bunch of mass storage devices in preparation for the backup process of your life.

As part of this Uncommon Journey podcast series, various industry personalities will be invited to discuss their unique journeys into security, the challenges they faced, how they overcame those challenges and their recommendations for others looking to get into this community. They’ll also talk about security community-wide challenges and how non-traditional backgrounds and experiences can be brought together to address those challenges.

As the former Secretary at the Department of Homeland Security, our guest today, Juliette Kayyem, has probably seen some things that most people and organizations would have serious nightmares about. Truth is, once you have to deal with complex systems, the reality is made of the scenarios she has seen; the best way to deal with them is to focus on risk reduction and on maintaining the operational flow—of the system itself.

While VPN technologies have a clear role in protecting users and their devices as they connect to critical business systems and sensitive information, they alone are not enough to ensure that the connections are secure.

Listen to today’s episode as Faiz Shuja shares the SIRP story with us, giving us a view into what the future holds for the security orchestration and automated response market.

Have a listen to this story!

External drives and cold storage continue to be widely used technologies, giving organizations the ability to keep their business data safe from external threats such as ransomware. But what about the internal threats of rogue employees and compromised user accounts?

How do organizations ensure that those devices (and related ports) don’t get misused and abused — especially when there are 10s of thousands of users, each potentially with multiple external devices?

In today's Podcast, Karim and Adam join the conversation to tell us about how they are leading the charge for Continuous Compromise Intelligence Monitoring — even creating such category — and how the data collection and research they have been doing connect their platform directly to the dark underbelly of cybercrime and the compromised and malicious devices that give the criminals the ability to do the wrong things they do.

What is a bug bounty? What is a bug bounty hunter? What the heck does that have to do with hunting ghosts? These questions beg the bigger question — “Who ya gonna call?”

To help us understand what the role of a bug bounty hunter is—what does it take to do this kind of work—and why these ethical hackers do what they do—we are joined by two such hunters: Tommy DeVoss and Ben Sadeghipour.