Hacker Valley Studio

Hacker Valley Media
  • 4.7 (60)
  • TECHNOLOGY
  • UPDATED WEEKLY

Welcome back to the show! Hacker Valley Studio podcast features Host Ron Eddings, as he explores the world of cybersecurity through the eyes of professionals in the industry. We cover everything from inspirational real-life stories in tech, to highlighting influential cybersecurity companies, and we do so in a fun and enthusiastic way. We’re making cybersecurity accessible, creating a whole new form of entertainment: cybertainment.

  1. 23H AGO

    Can AI Do Your Cyber Job? Post Your Job Req and Find Out with Marcus J. Carey

    Last episode, Ron and Marcus made predictions. This episode, they brought the receipts. A journalist built an app with vibe coding and got hacked on live television.  A social network built entirely by AI (not a single line of human code!) exposed 1.5 million authentication tokens and private messages between agents.  And 88% of organizations have already had an AI security incident, while barely 14% of deployed agents ever saw a security review.  The warnings from last episode aged fast. Marcus J. Carey is back to talk about what that actually means for the people building right now, not the people theorizing about it. Ron and Marcus are in the code themselves, and this conversation is what that experience actually looks like: OpenClaw running loose on your machine, agents racking up API bills, and why guidance, not prompts, not tools, is the real skill that separates builders who thrive from builders who ship disasters. Impactful Moments 00:00 - Introduction 02:00 - Vibe coding hack on live TV 03:30 - Mo Book leaks 1.5M auth tokens 06:00 - Marcus' origin story: War Games, 1983 08:00 - OpenClaw escapes the lab 13:30 - AT&T cuts help desk spend 90% 17:00 - Context is king, guidance is everything 19:00 - Can AI do your job rec right now? 24:00 - The first cybersecurity jobs agents will replace 27:00 - Expertise + AI = 1000x yourself 30:00 - Focus on outcomes, not new tools   Links Connect with our guest, Marcus J. Carey, on LinkedIn: https://www.linkedin.com/in/marcuscarey/   Read the articles we referenced in this episode: The vibe coding hack that aired on live TV, ICAEW breaks down exactly how it happened and what it means for anyone building with AI: https://www.icaew.com/insights/viewpoints-on-the-news/2026/feb-2026/cyber-dangers-of-agents-and-vibe-coding 88% of organizations have already had an AI security incident. See the full data from the Cisco State of AI Security 2026 report: https://www.helpnetsecurity.com/2026/02/23/ai-agent-security-risks-enterprise/   Check out our upcoming events: https://www.hackervalley.com/livestreams Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

    39 min

  2. 23H AGO

    Why 69% of CISOs Are Ready to Walk Away with Anthony Johnson

    The CISO role isn’t the finish line, it’s a launchpad. 69% of security executives are eyeing the exit, and Anthony Johnson is proof that what comes next can be even bigger. Anthony Johnson, former Global CISO at JP Morgan and Fannie Mae, now founder and managing partner at Delve Risk, breaks down what really happens when a security leader stops buying tools and starts building companies. From the trap of unpaid advisory boards to why AI is eliminating the entry-level pipeline, Anthony delivers a no-nonsense look at career strategy, the future of fractional work, and why understanding how your company makes money is the most underrated skill in cybersecurity. If you’re a security practitioner at any level, this episode will change how you think about your next move. Impactful Moments 00:00 - Introduction 01:00 - Meet Anthony Johnson 02:00 - 69% of CISOs want out 06:00 - Why Anthony left the CISO seat 09:00 - Revenue changes your security priorities 11:00 - Career paths after the CISO role 13:00 - The advisory board compensation trap 17:00 - AI’s threat to the talent pipeline 22:00 - Hiring for aptitude over competency 24:00 - Soft skills win in the AI era 29:00 - Corporate loyalty is dead—now what 31:00 - Networking that actually lands roles 34:00 - Know how your company makes money 36:00 - Ron’s personal reflection on freedom Links Connect with our guest, Anthony Johnson, on LinkedIn: https://www.linkedin.com/in/anthony-johnson-delverisk/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

    40 min

  3. FEB 19

    Securing the Workspace Attackers Already Live In with Rajan Kapoor

    Your email gateway isn't enough anymore, attackers are already inside the workspace through OAuth apps, browser extensions, and account takeover.  In this episode, Ron sits down with Rajan Kapoor, VP of Security at Material Security, to break down the real risks hiding inside Google Workspace and Microsoft 365. They cover how phishing has evolved into full-blown business email compromise, why malicious OAuth apps are the new favorite attack vector, and what security teams, especially lean ones, can do right now to lock down their cloud workspace. Rajan also drops practical advice on passkeys, document sharing hygiene, and why data lifecycle management is a problem no one is solving well enough. Impactful Moments 00:00 – Introduction 03:30 – The current state of phishing 05:30 – Outbound email compromise risk 09:30 – OAuth apps as attack vectors 15:00 – AI agents accessing your workspace 16:00 – Prompt injection is the new SQL injection 18:00 – Allow listing apps immediately 24:30 – Google Workspace vs Microsoft 365 security 27:30 – Custom detections require API expertise 28:00 – Why passkeys matter right now 32:00 – Data lifecycle management for shared docs Links Connect with our guest, Rajan Kapoor, on LinkedIn: https://www.linkedin.com/in/rajankkapoor/ Learn more about Material Security: https://material.security  ___ Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Check out our upcoming events: https://www.hackervalley.com/livestreams  Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

    38 min

  4. FEB 12

    Beating “Checkbox Security” With Continuous Offense with Sonali Shah

    Security doesn’t fail because you missed a tool, it fails because “secure today” tricks you into relaxing tomorrow. This episode exposes why the real fight isn’t compliance… it’s whether your defenses hold up once attackers hit you with machine-speed pressure. Ron sits down with Sonali Shah, CEO of Cobalt, to talk about how human-led, AI-powered penetration testing is evolving into full-spectrum offensive security. Sonali shares how Cobalt can start a test in 24 hours, push findings directly into Slack/Teams and Jira, and use learnings from 5,000+ pentests a year to continuously sharpen what gets caught. The big takeaway: automation finds the easy stuff as humans find the business-logic traps and attack chains that actually break companies. Impactful Moments 00:00 - Introduction 02:21- Sonali’s unexpected CEO path 06:10 - Compliance isn’t real security 10:19 - PTaaS: start in 24 hours 12:33- 5,000 pentests yearly scale 17:01 - Humans beat automation limits 20:16 - AI behavior vulnerabilities emerge 27:54 - Indirect prompt injection explained 30:51 - Why juniors + AI is risky 38:27 - 2026 becomes AI battleground Links Connect with Sonali on LinkedIn: https://www.linkedin.com/in/sonalinshah/ Check out Cobalt: https://www.cobalt.io   ____ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

    42 min

  5. FEB 10

    Turning Agent Chaos into a Command Center with Pedram Amini

    Text threads made AI feel personal, then agents made it productive, and suddenly “success” turns into chaos you can’t even track. In this episode, Ron sits down with Pedram Amini, creator of Maestro, to show what agent work looks like when you stop babysitting and start orchestrating. Pedram lays out why context windows are the limiter, why harnessing beats model-chasing right now, and how Auto Run executes task-docs with fresh context every iteration so agents can run for hours (or days) without melting down. Impactful Moments 00:00 - Intro 02:05 - Codex desktop sparks agent shift 06:40 - Harness beats model iteration 08:10 - Context window: the hidden limiter 12:10 - Terminal sprawl creates agent chaos 14:05 - Maestro panels: agents, tabs, history 17:25 - Auto Run: fresh context per task 26:15 - “Donate tokens” via Symphony PRs 28:20 - AI tax debate gets spicy 33:05 - Start simple: download and run   Links Connect with Pedram on LinkedIn: https://www.linkedin.com/in/pedramamini/ Check out Maestro for yourself: https://runmaestro.ai/     Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

    38 min

  6. JAN 29

    Why MFA Isn’t the Safety Net You Think It Is with Yaamini Barathi Mohan

    Phishing didn’t get smarter, it got better at looking normal. What used to be obvious scams now blend directly into the platforms, workflows, and security controls people trust every day. In this episode, Ron sits down with Yaamini Barathi Mohan, 2024 DMA Rising Star, to break down how modern phishing attacks bypass MFA, abuse trusted services like Microsoft 365, and ultimately succeed inside the browser. Together, they examine why over-reliance on automation creates blind spots, how zero trust becomes practical at the browser layer, and why human judgment is still the deciding factor as attackers scale with AI. Impactful Moments 00:00 - Introduction 02:44 - Cloud infrastructure powering crime at scale 07:45 - What phishing 2.0 really means 12:10 - How MFA gets bypassed in real attacks 15:30 - Why the browser is the final control point 18:40 - AI reducing SOC alert fatigue 23:07 - Mentorship shaping cybersecurity careers 27:00 - Thinking like attackers to defend better 31:15 - When trust becomes the attack surface   Links Connect with our guest, Yaamini Barathi Mohan, on LinkedIn: https://www.linkedin.com/in/yaamini-mohan/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

    33 min

  7. JAN 25

    When Cybercrime Learned How to Make Money and Never Looked Back with Graham Cluley

    Cybersecurity didn’t start as a billion-dollar crime machine. It started as pranks, ego, and curiosity. That origin story explains almost everything that’s breaking today. Ron sits down with Graham Cluley, one of the earliest antivirus developers turned trusted cyber voice, to trace how malware evolved from digital graffiti into organized financial warfare. From floppy disks and casino-style viruses to ransomware, extortion, and agentic AI, the conversation shows how early decisions still shape today’s most dangerous assumptions. Graham also explains why AI feels inevitable, but still deeply unfinished inside modern organizations. Impactful Moments 00:00 - Introduction 04:16 - Malware before money existed 07:30 - Cheesy biscuits changed cybersecurity 13:10 - When documents became dangerous 14:33 - Crime replaced curiosity 15:23 - Sony proved no one was safe 20:15 - Reporting hacks without causing harm 24:01 - AI replacing penetration testers 29:18 - Agentic AI shifts the threat model 36:30 - Why rushing AI breaks trust Links Connect with our guest on LinkedIn: https://www.linkedin.com/in/grahamcluley/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

    37 min

  8. JAN 18

    When Automation Outruns Control with Joshua Bregler

    AI doesn’t break security, it exposes where it was already fragile. When automation starts making decisions faster than humans can audit, AppSec becomes the only thing standing between scale and catastrophe. In this episode, Ron sits down with Joshua Bregler, Senior Security Manager at McKinsey’s QuantumBlack, to dissect how AI agents, pipelines, and dynamic permissions are reshaping application security. From prompt chaining attacks and MCP server sprawl to why static IAM is officially obsolete, this conversation gets brutally honest about what works, what doesn’t, and where security teams are fooling themselves. Impactful Moments 00:00 – Introduction 02:15 – AI agents create identity chaos 04:00 – Static permissions officially dead 07:05 – AI security is still AppSec 09:30 – Prompt chaining becomes invisible attack 12:23 – Solving problems vs solving AI 15:03 – Ethics becomes an AI blind spot 17:47 – Identity is the next security failure 20:07 – Frameworks no longer enough alone 26:38– AI fixing insecure code in real time 32:15 – Secure pipelines before production Connect with our Guest Joshua Bregler on LinkedIn: https://www.linkedin.com/in/breglercissp/   Our Links Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

    37 min
See All (415)

4.7
out of 5
60 Ratings

About

Welcome back to the show! Hacker Valley Studio podcast features Host Ron Eddings, as he explores the world of cybersecurity through the eyes of professionals in the industry. We cover everything from inspirational real-life stories in tech, to highlighting influential cybersecurity companies, and we do so in a fun and enthusiastic way. We’re making cybersecurity accessible, creating a whole new form of entertainment: cybertainment.

Information

  • Creator
    Hacker Valley Media
  • Years Active
    2019 - 2026
  • Episodes
    415
  • Rating
    Clean
  • Copyright
    © Copyright 2019 All rights reserved.
  • Show Website
    Hacker Valley Studio

You Might Also Like