Security You Should Know
What if you could get a no-nonsense look at security solutions in just 15 minutes? Security You Should Know, the latest podcast from the CISO Series, does just that. Hosted by Rich Stroffolino, each episode brings together one security vendor and two security leaders to break down a real-world problem and the solution trying to fix it. Expect straight answers on: How to explain the issue to your CEO What the solution actually does (and doesn’t do) How the pricing model works Then, our security leaders ask the tough questions to see what sets this vendor apart. Subscribe now and and stay ahead of the latest security solutions. Visit CISOseries.com for more details. Security You Should Know: Connecting security solutions with security leaders.
Episodes
All links and images can be found on CISO Series.
Misconfigurations represent one of cybersecurity’s most persistent and damaging vulnerabilities. Organizations often fall into the trap of deploying tools with overly permissive “permit everything” default settings, only to struggle with the operational overhead required to lock them down properly. Every configuration change away from these permissive defaults requires extensive te...
All links and images can be found on CISO Series.
Organizations excel at generating massive volumes of unstructured data through recorded meetings. The struggle lies in extracting value from it. The reality is that most of this data is never touch again after its created. The temporal nature of voice communication creates unique challenges. These conversations capture real-time insights and concerns that are highly valuable for im...
All links and images can be found on CISO Series.
In this episode, Rob Allen, chief product officer at ThreatLocker, explains how their Storage Control solution addresses these challenges by implementing program-level access restrictions that work alongside traditional user permissions. Joining him are Jonathan Waldrop, CISO-at-large, and Nick Ryan, former CISO at RSM.
The conversation explores how ThreatLocker's endpoint-focused...
All links and images can be found on CISO Series.
Asset visibility remains a persistent challenges in cybersecurity. Despite working on this challenge for decades, CISOs continue to struggle with knowing what assets exist in their environments, where they’re located, and what risks they present.
The problem has only intensified with dynamic cloud resources spinning up and down in seconds, APIs proliferating across environments, an...
All links and images can be found on CISO Series.
Most data breaches don't happen because attackers are geniuses. They happen because organizations give too much access to too many people for far too long. Despite decades of security frameworks and best practices, enforcing least privilege remains one of cybersecurity's most persistent challenges. The culprit isn't technology: it's politics.
Read more
All links and images can be found on CISO Series.
In this episode, Simone Rapizzi, CSO at RedCarbon, explains how their AI-powered platform uses specialized models to automate threat detection and response while learning from each customer's unique environment. Joining him are Jonathan Waldrop, former CISO, and John Scrimsher, CISO at Kontoor Brands.
Huge thanks to our sponsor, RedCarbon
In this episode, Matt Hillary, CISO at Drata, explains how their AI-native trust management platform addresses these challenges by automating evidence collection from integrated systems and reducing manual effort by over 90%. Joining him are Mike Lockhart, CISO at EagleView, and Johna Till Johnson, CEO at Nemertes.
We talk about how Drata’s platform bridges the policy-execution gap through hundreds of out-of-the-box integrations, A...
SIEM costs are spiraling out of control for organizations. Increasing log volumes, longer compliance-driven retention requirements, and the habit of collecting everything "just in case," the list goes on.
Traditional SIEM architecture forces painful choices between cost control and security visibility, with teams constantly fighting to keep log volumes down while still maintaining adequate coverage for investigations.
All links and images can be found on CISO Series
Security awareness is critical to cultivate in your organization. But security awareness training can often miss the mark. Traditional training is slow and reactive. As deepfakes and LLM-enhanced attacks become common, organizations need training solutions that can adapt and provide relevant training.
All links and images can be found on CISO Series.
Wire fraud and payment security remain persistent challenges for organizations, with the FBI reporting a 33% increase in BEC losses between 2023 and 2024. The complexity of B2B payment processes creates multiple attack vectors that traditional email security solutions can't fully address.
In this episode, Shai Gabay, co-founder and CEO of Trustmi, explains how their platform connec...
Implmenting new technologies for the business is already a daunting task. Cloud and SaaS have made some of the implementation easier, but it also makes it easier to not fully comprehend the risks you're taking on. All it can take is a company credit card. Organizations struggle with shadow IT, misconfigurations, and unauthorized access across multiple cloud environments, often lacking visibility into their act...
Security orchestration sounds great in theory, but in practice, coordinating between different security tools remains a headache. As workflows need to move faster to keep pace with AI-driven attacks, security professionals find themselves overwhelmed with manual "muck work" rather than focusing on business enablement.
In this episode, Matt Muller, field CISO at Tine...
All links and information can be found on CISO Series.
DLP can be a bit of a four-letter word in cybersecurity. False positives are a major problem with any traditional DLP solution because setting the right policy for your organization's needs is always a moving target.
In this episode, Nitay Milner, co-founder and CEO of Orion Security, explains how they provide ...
Managing risk is the name of the game for a CISO. Quantification is a major part of that job, but it doesn't end there. Without a means of communicating that quantification to the rest of the business, quantification just adds to the noise.
In this episode, UJ Desai, Senior Director of Product Management, Partner Programs at Qualys explains how they provide a compr...
Security teams today are expected to manage two fronts—building and maintaining proactive defenses, and staying ready to respond at any moment to threats that slip through. But unless someone actively watches those alerts 24/7, your detection tools are expensive noise generators.
In this episode, Rob Allen, chief product officer at ThreatLocker, lays out why their ...
Large language models are most useful to your business when they have access to your data. But these models also overshare by default, providing need-to-know information without sophisticated access controls. But organizations that try to limit the data accessed by an LLM risk undersharing within their organization, not giving the information users need to do their jobs more efficiently.
...
Unauthorized site access remains a significant security concern for organizations. But why does this issue persist, and how can it be effectively addressed?
In this episode, Rob Allen, chief product officer at ThreatLocker, discusses the core functionality of ThreatLocker's Web Control solution: blocking access to unauthorized sites without meddling with DNS server...
Linux is the backbone of critical infrastructure, yet it often flies under the radar when it comes to endpoint monitoring. From legacy servers to embedded systems, Linux devices are frequently unprotected, either due to operational risk, overlooked assets, or the false assumption that Linux is “secure by default.”
In this episode, ...
For years, patch management has been treated as a solved problem—until reality strikes. Outdated applications, portable executables, patch conflicts, and shadow software leave organizations unknowingly exposed. The tools may exist, but the process often breaks down.
In this episode, Rob Allen, chief product officer at ThreatLocker...
Automated attacks are growing in speed and sophistication, far outpacing the human defenses most organizations rely on. Whether it’s credential stuffing, scraping, or denial-of-wallet attacks, bots can drain your resources before they even steal a cent.
In this episode, Sam Crowther, founder of Kasada, discusses how their bot detec...
Popular Podcasts
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
It’s 1996 in rural North Carolina, and an oddball crew makes history when they pull off America’s third largest cash heist. But it’s all downhill from there. Join host Johnny Knoxville as he unspools a wild and woolly tale about a group of regular ‘ol folks who risked it all for a chance at a better life. CrimeLess: Hillbilly Heist answers the question: what would you do with 17.3 million dollars? The answer includes diamond rings, mansions, velvet Elvis paintings, plus a run for the border, murder-for-hire-plots, and FBI busts.
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
The World's Most Dangerous Morning Show, The Breakfast Club, With DJ Envy, Jess Hilarious, And Charlamagne Tha God!
The official podcast of comedian Joe Rogan.