Security You Should Know

Automated attacks are growing in speed and sophistication, far outpacing the human defenses most organizations rely on. Whether it’s credential stuffing, scraping, or denial-of-wallet attacks, bots can drain your resources before they even steal a cent.

In this episode, Sam Crowther, founder of Kasada, discusses how their bot detec...

Managing privileged access across a sprawling IT environment remains one of cybersecurity’s toughest balancing acts. Admin privileges are often granted too broadly and retained for too long, opening dangerous pathways for lateral movement and ransomware.

In this episode, Rob Allen, chief product officer at ThreatLocker, introduces...

Security operations centers (SOCs) are drowning in alerts, forcing analysts to waste time chasing down false positives while real threats slip through. The problem isn’t just efficiency—it’s burnout, missed signals, and limits on what security teams can reasonably triage.

In this episode, Edward Wu, CEO and founder of Dropzone AI,...

Securing endpoints is a persistent challenge, especially in a hybrid working environment. The human factor is an unavoidable element with endpoint security, which means you have to be ready for a lot of unexpected behavior. Centrally managed policies for endpoints can only enhance security if they don’t compromise the flexibility the business needs.

In this episode, Rob Allen, chief product officer at ThreatLocker, discusses how th...

Customer security reviews often miss their mark, leaving organizations scrambling to compensate with extensive questionnaires that divert attention away from genuine risk management. The inconsistency of these processes and the lack of clear authority or visibility contribute to prolonged timelines and increased frustration. So, how can companies maintain trust without drowning in the complex processes that come with these reviews?

We hear all the time that identity is the new perimeter. If we place that much importance on identity, then compromised credentials can give away the keys to the kingdom. In an environment where hybrid infrastructures introduce visibility challenges, the need for advanced monitoring techniques for identities becomes clear.

In this episode, Paul Nguyen, co-founder an...

Managing application control amid increasing ransomware threats while not impeding business flow remains a challenge. Organizations need a layered defense to bolster their security posture without overinvesting in overlapping tooling.

In this episode, Rob Allen, chief product officer at ThreatLocker, discusses how their deny-by-default approach to application control helps simplify this persistent challenge. Rob is joined by our pa...

The tendency to focus on merely checking boxes to achieve compliance can lead to superficial solutions that may not effectively reduce operational risk. A strategic pivot towards ensuring compliance through holistic security measures is key; long-term, it demands less effort and provides more substantial protection.

In this episode, Craig Unger, founder and CEO of HyperProof, discusses the company‘s efforts to help companies achiev...

SaaS visibility remains a mixed bag. Within company sanctioned tools we have visibility. But when it comes to visibility across tools, we struggle. And don't forget all of the SaaS apps your employees use that you don't know about. How do you start to address that SaaS visibility gap?

In this episode, Russell Spitler, co-founder and CEO of Nudge Security, discusses ...

Open source is a bedrock of modern enterprise software. But support for various components is all over the place. The ecosystem doesn't have the right incentives in place, leading to end-of-life security issues many organizations aren't ready to address. When community support for open-source components dries up over time, what is your recourse?

In this episode, Aar...

The velocity of innovation necessitates an agile approach to infrastructure management, which often leads to complexity and, consequently, vulnerabilities. Organizations are in a relentless race to identify and prioritize security gaps, but how can we effectively manage and mitigate these risks?

In this episode, Jay Mar-Tang, field CISO at Pentera, discusses how Pe...

The sheer volume of security alerts and data being generated by various sources like firewalls, servers, and endpoint devices is daunting. The challenge lies in sifting through this vast amount of information to identify genuine threats without throwing manual effort at it. Traditional security logs merely tell us what happened but do not provide insights on what's happening now. The demand is for more actiona...

Understanding and mitigating insider risk has taken a front seat in organizational security strategies. What once was a niche concern, we’re seeing significant escalation in insider threats, particularly from nation-state actors, with insiders becoming victims of coercion or identity theft.

In this episode, Mohan Koo, president & co-founder, DTEX Systems, explains why understanding human behavior, continuous data tracking, and proa...

The fragmentation and vast amount of data generated from enterprise tools create a convoluted landscape for cybersecurity professionals to navigate. This complexity is exacerbated in large companies with dynamic environments, where innovation and growth must be balanced with the ever-present need for security.

In this episode, Piyush Sharrma, CEO and co-founder at Tuskira discusses what the company is doing to unify security tools ...

What if you could get a no-nonsense look at security solutions in just 15 minutes? Security You Should Know, the latest podcast from the CISO Series, does just that.

Hosted by Rich Stroffolino, each episode brings together one security vendor and two security leaders to break down a real-world problem and the solution trying to ...