The Abhisek Cast

Abhisek Rajkumar
  • 0.0 (0)
  • TECHNOLOGY
  • UPDATED BIWEEKLY

The Abhisek Cast brings unfiltered conversations with people who have real insights into cybersecurity. These episodes are for cybersecurity enthusiasts, curious learners, and anyone deeply interested in the field. Each one offers practical takeaways and a real-world view of how cybersecurity works—beyond the buzzwords. We focus on quality to ensure your time is well spent and that you leave with something genuinely useful to guide your learning or career journey.

Episodes

  1. EP10 - Conversation with Creator of Metasploit | ft. HD Moore (CEO, runZero & Creator of Metasploit)

    12/27/2025

    EP10 - Conversation with Creator of Metasploit | ft. HD Moore (CEO, runZero & Creator of Metasploit)

    In this episode of The Abhisek Cast, I’m joined by HD Moore, creator of Metasploit and founder of runZero, for a deep and honest conversation about cybersecurity’s past, present, and future. We explore how security evolved from an underground, legally risky activity into a massive commercial industry—and what was lost along the way. HD shares the real design philosophy behind Metasploit, why it intentionally bypassed security products, and how open source shaped an entire generation of pentesters. The discussion also breaks down why asset inventory and discovery remain foundational yet unsolved problems, how runZero approaches attack surface mapping, and why many security tools only see half the environment they’re supposed to protect. We also talk about bug bounties, internal security testing, AI hype, and why relying on LLMs without understanding programming fundamentals is dangerous. A thoughtful episode for anyone building tools, breaking systems, or trying to understand what real security work looks like beyond buzzwords. Key Topics Covered: Early hacker culture vs modern cybersecurityWhy Metasploit was controversial—and why it workedOpen source vs commercial security modelsAsset discovery and attack surface managementBug bounties vs traditional penetration testingAI in security: overhyped or inevitable?Advice for people entering cybersecurity todayTimestamps:00:00 - Introduction00:40 - Early life & first exposure to computers02:00 - Burnout, scale, and community in cybersecurity03:40 - How security changed from the 90s to today06:10 - Why Metasploit was designed to break defenses10:40 - Open source vs commercializing security tools13:45 - runZero and the asset discovery problem19:45 - Underground stories from Metasploit days22:10 - Bug bounties: value, limits, and trade-offs27:25 - Internal security testing & risk28:20 - AI, GPUs, and why HD is cautious30:40 - Advice for newcomers to cybersecurity Thanks for watching!

    34 min
  2. EP09 - How to Build Security That Actually Works | ft. Jeff Man (Consultant, Advisor & Podcaster)

    12/12/2025

    EP09 - How to Build Security That Actually Works | ft. Jeff Man (Consultant, Advisor & Podcaster)

    In this episode, I speak with Jeff Man, a cybersecurity veteran with over 40 years of experience across NSA, red teaming, PCI, consulting, and industry leadership. Jeff shares a rare, ground-level view of what “security” actually means and why most organizations continue to get it wrong. We discuss his journey from solving puzzles to joining NSA, building the agency’s first red team, working on early cryptographic systems, and spending two decades teaching companies how to think about risk, data, and process. Jeff explains the critical difference between securing (technology, patching, fixing) and security (monitoring, process, diligence) and why the industry consistently overinvests in tools while underinvesting in thinking. This episode is a deep, practical, honest conversation about how security really works, and why mindset matters more than any product. Ideal for professionals across offensive, defensive, governance, and leadership roles who want to build long-lasting security programs. What You Will Learn (Key Takeaways): Why most companies fix technology but ignore processHow the cybersecurity mindset has shifted (and where it’s stuck)Stories from NSA, early crypto systems, and building the first red teamWhy PCI is misunderstood but extremely usefulThe difference between "securing" and "security"Why availability (not confidentiality) is today’s biggest problemThe importance of curiosity and the “hacker mindset”Why marketing shapes cybersecurity more than we admitHow to think, not just follow tools or trendsWhat keeps Jeff going after decades in the fieldTimestamps: 00:00 – Intro00:59 – Welcoming Jeff Man01:30 – Jeff’s journey from puzzles to NSA06:30 – Early cryptographic work & first software crypto system10:50 – Building NSA's first red team15:30 – Why companies don’t fix security even after pen tests17:30 – What organizations are getting wrong today20:10 – Why focusing only on technology never works22:30 – CIA triad misconceptions25:30 – Vulnerability overload & why “fix everything” is impossible28:30 – Securing vs. Security (monitoring, process, diligence)31:50 – Why process, not people, is the real failure point34:30 – Rethinking patching, compliance, and risk38:20 – How Jeff keeps himself informed today41:20 – Lessons from 900+ podcast episodes43:00 – The hacker mindset: curiosity, questioning, thinking49:20 – Why he continues speaking, podcasting, and mentoring51:21 – Closing thoughts

    53 min
  3. EP08 - Red Teaming in Practice: Recon, Evasion & Pentesting | ft. Guillaume Daumas (Red Team Lead, Advens)

    11/28/2025

    EP08 - Red Teaming in Practice: Recon, Evasion & Pentesting | ft. Guillaume Daumas (Red Team Lead, Advens)

    In this episode of The Abhisek Cast, Abhisek speaks with Guillaume Daumas, Red Team Lead at Advens, about the practical side of red teaming and internal penetration testing. After a three-month break, the show returns with a deep conversation that moves beyond theory and focuses on how real operators think, plan, and execute their assessments. Guillaume walks through his journey from a SOC analyst to becoming a red teamer, how platforms like Hack The Box shaped his mindset, and why offensive security offers a unique sense of challenge and motivation. He explains how to approach reconnaissance without getting distracted, how to handle large scopes with limited time, and why understanding Active Directory remains essential for any red teamer. The episode also covers malware development, EDR evasion, custom exploit considerations, and learning frameworks from Maldev Academy. Guillaume shares honest insights, recommended resources, cheat sheets, and blogs that have shaped his methodology. This episode is a valuable guide for beginners and intermediate professionals looking to develop real operational skills in red teaming or internal network security.

    47 min
  4. EP07 - SquareX's Browser Security Field Manual Explained | ft. Audrey Adeline (Security Researcher, SquareX)

    08/08/2025

    EP07 - SquareX's Browser Security Field Manual Explained | ft. Audrey Adeline (Security Researcher, SquareX)

    Your browser is your new endpoint—and it’s vulnerable. In this episode, I speak with Audrey Adeline, Security Researcher at SquareX and co-author of the Browser Security Field Manual. Audrey walks us through why browser security is a rising concern, how current architectures fall short, and what her research team is doing to uncover novel browser-based threats. We talk about her unconventional journey from VC to cyber researcher, the process of writing the field manual, and how SquareX tackles browser threats with tools far beyond Chrome’s own protections. We also dive into: Real-world attacks like polymorphic extensions and malicious OAuth apps How even trusted extensions can be weaponized What “MV3 compliant” really means (and doesn’t) Why architectural flaws are harder to fix than software bugs How SquareX uses AI for extension behavior analysis Her take on impactful research and communication in the security field This is a rare deep-dive into browser-native risks from someone at the frontier of browser security.

    44 min
  5. EP06 - Inside the World of Physical Penetration Testing | ft. FC aka Freakyclown (Cofounder, Cygenta Security)

    07/25/2025

    EP06 - Inside the World of Physical Penetration Testing | ft. FC aka Freakyclown (Cofounder, Cygenta Security)

    In this thrilling episode of The Abhisek Cast, we explore the real-life world of physical penetration testing with one of the best in the field—FC aka Freakyclown, Cofounder of Cygenta Security. From breaking into banks and data centers to sneaking past guards and security systems, FC shares what it takes to hack the physical world. He walks us through his early days in cybersecurity—before the internet as we know it—and explains why physical security is often the weakest link in an organization’s defense. What makes this episode stand out is FC's ability to share deep insight through wild real-life stories—from bluffing his way into secure sites to planting covert devices inside phones. We also talk about the founding of Cygenta, a company focused on holistic security: blending technical defenses, human behavior, and physical infrastructure into a single strategy. If you’re in cybersecurity, red teaming, or just fascinated by the intersection of psychology and hacking, this one is for you.

    59 min
  6. EP05 - From Linux to Leadership: CI/CD, Certifications & Open Source Realities | ft. Anant Shrivastava (Founder, Cyfinoid Research)

    07/11/2025

    EP05 - From Linux to Leadership: CI/CD, Certifications & Open Source Realities | ft. Anant Shrivastava (Founder, Cyfinoid Research)

    In this thought-provoking episode, Abhisek talks with Anant Shrivastava, Founder of Cyfinoid Research, about the raw, unfiltered realities of security careers — from his early journey with Linux in 2000 to leading teams, building open-source tools, and mentoring the next generation of security professionals. Anant offers a candid view on: Whether certifications are worth it. Why open source isn’t what it used to be — and that’s not necessarily bad. The truth about CI/CD and DevSecOps pipelines. What really goes on behind closed doors in conference CFP selections. How students and professionals alike can build relevant skills with purpose. We also touch on the role of AI in workflows, the importance of community support, and the enduring value of curiosity in learning. Whether you’re a student, early-career professional, or seasoned expert — this episode will leave you with insights, clarity, and a sense of direction.

    1h 9m
  7. EP04 - Beyond the Tab: Exploring the Hidden Risks in Modern Browsers | ft. Dakshitaa Baby (Security Researcher, SquareX)

    06/27/2025

    EP04 - Beyond the Tab: Exploring the Hidden Risks in Modern Browsers | ft. Dakshitaa Baby (Security Researcher, SquareX)

    In this episode of The Abhisek Cast, we explore one of the most overlooked but highly targeted layers of modern cybersecurity: the browser. Joining us is Dakshitaa Babu, a Security Researcher and Product Evangelist at SquareX, who brings a fresh and practical perspective on the evolving threat landscape inside browsers. She explains how attackers abuse browser functionality, why traditional security tools fall short, and how developers and defenders alike can better prepare. If you’ve ever used browser extensions, clicked on an ad, or granted notification permissions, this episode is for you. What we cover in this episode: The browser as an active and often exploited attack surface Real-world examples of browser-native ransomware and fileless attacks The mechanics behind Browser-in-Browser (BiB) and fullscreen spoofing attacks How browser extensions can misuse permissions and lead to data leaks AI-related data exfiltration risks through third-party tools The importance of secure-by-design thinking during development Challenges of building custom enterprise browsers Tips for aspiring researchers entering the browser security space Observations from the field: misconfigurations, CVEs, and bypass techniques Building a career in browser security and Dakshitaa’s experience at SquareX About the Guest:Dakshitaa Babu is a Security Researcher and Product Evangelist at SquareX. With a background in analytics, venture capital, and data engineering, she brings a cross-disciplinary mindset to offensive research and browser-based defense. She actively contributes to building one of the industry’s first Browser Detection and Response (BDR) platforms, pushing boundaries in real-time web threat prevention. This episode is packed with insights for developers, product teams, security professionals, and researchers who want to understand the future of browser threats and how to build resilience against them. Also available on: YouTube: https://www.youtube.com/@abhisekcastApple Podcasts: https://podcasts.apple.com/us/podcast/the-abhisek-cast/id1815095644Amazon Music: https://music.amazon.com/podcasts/09de9397-74e4-459b-857d-1e16d8f7a232/the-abhisek-cast

    50 min
  8. EP03 - Three Decades of Cyber Lessons: From Asset Gaps to Dirty Networks | ft. Chris Rock (CISO, SIEMonster)

    06/13/2025

    EP03 - Three Decades of Cyber Lessons: From Asset Gaps to Dirty Networks | ft. Chris Rock (CISO, SIEMonster)

    In the 3rd episode of The Abhisek Cast, I talk with Chris Rock—co-founder and CISO of SIEMonster, with more than 30 years of experience in cybersecurity. We explore why most companies still struggle with basic asset visibility, how to approach company mergers from a security perspective, and how a solid framework like ISO 27001 saves startups from painful mistakes. Chris also reflects on his experiences presenting at DEF CON, the importance of documenting security research thoroughly, and his personal hiring philosophy. A refreshing, no-BS conversation packed with lessons from the trenches. Key points: Most companies don’t know what assets they have, leading to major gaps Auditing and pen testing are critical before merging orgs/domains Startups need ISO, not just certifications for the sake of it DEF CON is invaluable for learning and community In hiring: honesty and initiative matter more than memorized answers

    48 min
  9. EP02 - Cloud Security & Career Grit: A Journey Through Community and Curiosity | ft. Jayesh Singh Chauhan (CEO, Cloudurance Security)

    05/30/2025

    EP02 - Cloud Security & Career Grit: A Journey Through Community and Curiosity | ft. Jayesh Singh Chauhan (CEO, Cloudurance Security)

    In Episode 2 of the Abhisek Cast, Jayesh Singh, CEO of Cloudurance Security, shares his journey from small-town "jugaad" to cybersecurity leadership. We explore founding Cloud Village, audits vs. pentests, startup security challenges, and the power of passion in building a career. Tune in for practical insights and inspiration to level up in cybersecurity!

    54 min
  10. EP01 - CTFs, Certs & the Path That Doesn't Scale: Learning Security the Hard Way | ft. Louis Nyffenegger (CEO, PentesterLab)

    05/17/2025

    EP01 - CTFs, Certs & the Path That Doesn't Scale: Learning Security the Hard Way | ft. Louis Nyffenegger (CEO, PentesterLab)

    In the very first episode of The Abhisek Cast, I chat with Louis Neffenegger, CEO of PentesterLab. We talk about his personal journey, the rise of cybersecurity, the real value of learning over certifications, and how to build depth and resilience in this ever-changing field. This is not a polished "success story"—it’s a real, honest take on learning, struggling, and growing with intention. If you're passionate about cybersecurity or looking to go deeper into the field, this episode is for you.

    40 min
  • 10 Episodes

About

The Abhisek Cast brings unfiltered conversations with people who have real insights into cybersecurity. These episodes are for cybersecurity enthusiasts, curious learners, and anyone deeply interested in the field. Each one offers practical takeaways and a real-world view of how cybersecurity works—beyond the buzzwords. We focus on quality to ensure your time is well spent and that you leave with something genuinely useful to guide your learning or career journey.

Information

  • Creator
    Abhisek Rajkumar
  • Years Active
    2K
  • Episodes
    10
  • Rating
    Clean
  • Copyright
    © Abhisek Rajkumar
  • Show Website
    The Abhisek Cast