Enterprise Security Weekly (Audio)

Security Weekly Productions

News, analysis, and insights into enterprise security. We put security vendors under the microscope, and explore the latest trends that can help defenders succeed. Hosted by Adrian Sanabria. Co hosts: Katie Teitler-Santullo, Ayman Elsawah, Jason Wood, Jackie McGuire, Sean Metcalf.

  1. Clickfixed, Zero Trust World, and OpenClaw is out of control - but that's the point - Rob Allen - ESW #445

    11H AGO

    Clickfixed, Zero Trust World, and OpenClaw is out of control - but that's the point - Rob Allen - ESW #445

    Interview Segment - Rob Allen - Clickfix "Clickfix" attacks aren't new, but they're certainly more common these days. Rob Allen joins us to help us understand what they are, why they work on your employees, and how to stop them! We tie it into infostealers and ransomware actors. Plenty of practical recommendations for how to spot and prevent these attacks in your environment, don't miss it! This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! Interview Segment - Rob Allen - Zero Trust World Threatlocker's 6th annual Zero Trust World event is happening next month! This three day event runs from March 4th through the 6th once again in sunny Orlando, Florida. This year's event is packed with hands-on hacking workshops, competitions, prizes, and keynotes from Marcus Hutchins, and Linus and Luke from Linus Tech Tips. Security Weekly will be there as well, doing live interviews and recording an episode of ESW live! This segment is sponsored by ThreatLocker's annual Zero Trust World. Visit https://securityweekly.com/ztw to learn more about the conference and register with discount code ZTW26ESW! News Segment For this week's enterprise news, we discuss OpenClaw! funding! acquisitions! testing out AI models' offensive security capabilities more openclaw! the need for more transparency and testing in the vendor space A photobooth service leaks drunken pictures of wedding parties The salty snack that helps server uptime All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-445

    1h 41m
  2. Initial entry to resilience: understanding modern attack flows and this week's news - Warwick Webb - ESW #444

    FEB 2

    Initial entry to resilience: understanding modern attack flows and this week's news - Warwick Webb - ESW #444

    Segment 1: Interview with Warwick Webb From Initial Entry to Resilience: Understanding Modern Attack Flows Modern cyberattacks don't unfold as isolated alerts--they move as coordinated attack flows that exploit gaps between tools, teams, and time. In this episode, Warwick Webb, Vice President of Managed Detection and Response at SentinelOne, breaks down how today's breaches often begin invisibly, progress undetected through siloed security stacks, and accelerate faster than human response alone can handle. He'll discuss how unified platforms, machine-speed detection powered by global threat intelligence, and expert-led response change the equation--turning fragmented signals into clear attack narratives. The conversation concludes with how organizations can move beyond incident response to build resilience, readiness, and continuous improvement through post-attack analysis. Listeners will leave with a clearer understanding of how attacks actually unfold in the real world—and what it takes to move from reactive alert handling to true attack-flow-driven defense. Segment Resources: Wayfinder MDR Solution Brief 451 MDR Report Managed Defense Redefined Blog This segment is sponsored by SentinelOne. Visit https://securityweekly.com/sentinelone to learn more about them! Segments 2 and 3: The Weekly News In this week's enterprise security news, we've got funding free tools! the CISO's craft agentic browsers tech companies are building cyber units? giving AI agents access to your entire life lots of dumpster fires in the industry today Cisco killed Kenna the state of AI in the SOC homemade EMP guns! don't try this at home All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-444

    1h 38m
  3. The future of data control, why detection fails, and the weekly news - Thyaga Vasudevan - ESW #443

    JAN 26

    The future of data control, why detection fails, and the weekly news - Thyaga Vasudevan - ESW #443

    Segment 1: Interview with Thyaga Vasudevan Hybrid by Design: Zero Trust, AI, and the Future of Data Control AI is reshaping how work gets done, accelerating decision-making and introducing new ways for data to be created, accessed, and shared. As a result, organizations must evolve Zero Trust beyond an access-only model into an inline data governance approach that continuously protects sensitive information wherever it moves. Securing access alone is no longer enough in an AI-driven world. In this episode, we'll unpack why real-time visibility and control over data usage are now essential for safe AI adoption, accurate outcomes, and regulatory compliance. From preventing data leakage to governing how data is used by AI systems, security teams need controls that operate in the moment - across cloud, browser, SaaS, and on-prem environments - without slowing the business. We'll also explore how growing data sovereignty and regulatory pressures are driving renewed interest in hybrid architectures. By combining cloud agility with local control, organizations can keep sensitive data protected, governed, and compliant, regardless of where it resides or how AI is applied. This segment is sponsored by Skyhigh Security. Visit https://securityweekly.com/skyhighsecurity to learn more about them! Segment 2: Why detection fails Caleb Sima put together a nice roundup of the issues around detection engineering struggles that I thought worth discussing. Amélie Koran also shared some interesting thoughts and experiences. Segment 3: Weekly Enterprise News Finally, in the enterprise security news, Fundings and acquisitions are going strong can cyber insurance be profitable? some new free tools shared by the community RSAC gets a new CEO Large-scale enterprise AI initiatives aren't going well LLM impacts on exploit development AI vulnerabilities global risk reports floppies are still used daily, but not for long? All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-443

    1h 36m
  4. Making vulnerability management and incident response actually work. Also, the News! - Ryan Fried, Beck Norris, José Toledo - ESW #442

    JAN 19

    Making vulnerability management and incident response actually work. Also, the News! - Ryan Fried, Beck Norris, José Toledo - ESW #442

    Segment 1 with Beck Norris - Making vulnerability management actually work Vulnerability management is often treated as a tooling or patching problem, yet many organizations struggle to reduce real cyber risk despite heavy investment. In this episode, Beck Norris explains why effective vulnerability management starts with governance and risk context, depends on multiple interconnected security disciplines, and ultimately succeeds or fails based on accountability, metrics, and operational maturity. Drawing from the aviation industry—one of the most regulated and safety-critical environments—Beck translates lessons that apply broadly across regulated and large-scale enterprises, including healthcare, financial services, and critical infrastructure. Segment 2 with Ryan Fried and Jose Toledo - Making incident response actually work Organizations statistically have decent to excellent spending on cybersecurity: they have what should be sufficient staff and some good tools. When they get hit with an attack, however, the response is often an unorganized, poorly communicated mess! What's going on here, why does this happen??? Not to worry. Ryan and José join us in this segment to offer some insight into why this happens and how to ensure it never happens again! Segment Resources: [Mandiant - Best practices for incident response planning] (https://services.google.com/fh/files/misc/mandiantincidentresponsebestpractices_2025.pdf?linkId=19287933) Beyond Cyberattacks: Evolution of Incident Response in 2026 Segment 3 - Weekly Enterprise News Finally, in the enterprise security news, Almost no funding… Oops, all acquisitions! Changes in how the US handles financial crimes and international hacking Mass scans looking for exposed LLMs The state of Prompt injection be careful with Chrome extensions and home electronics from unknown brands Is China done with the West? All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-442

    1h 43m
  5. The State of Cybersecurity Hiring, 2026 content plans, and the weekly news - ESW #441

    JAN 12

    The State of Cybersecurity Hiring, 2026 content plans, and the weekly news - ESW #441

    First Topic - Podcast Content Plans for 2026 Every year, I like to sit down and consider what the podcast should be focusing on. Not doing so ensures every single episode will be about AI and nobody wants that. Least of all, me. If I have one more all-AI episode, my head is going to explode. With that said, most of what we talk about in this segment is AI (picard face palm.png). I think 2026 will be THE defining year for GenAI. Three years after the release of ChatGPT, I think we've hit peak GenAI hype and folks are ready for it to put up or shut up. We'll see winners grow and get acquired and losers pivot to something else. More than anything, I want to interview folks who have actually seen it work at scale, rather than just in a cool demo in a vendor sandbox. Also on the agenda for this year: The battle against infostealers and session hijacking: we didn't have a good answer in 2025. When is it coming? Will it include Macs, despite them not having a traditional TPM? The state of trust in outsourcing and third party use (Cloud, MSSPs, SaaS, contractors): 2025 was not a good year for third parties. Lots of them got breached and caused their customers a lot of pain. Also, there's the state of balkanization between the US and... the rest of the entire world. Everyone outside the US seems to be trying to derisk their companies and systems from the Cloud Act right now. Vulnerability management market disruption: there are half a dozen startups already plotting to disrupt the market, likely to come out of stealth in 2026 Future of the SOC: if it's not AI, what is it? What else??? What am I missing? What would you like to see us discuss? Please drop me a line and let me know: adrian.sanabria@cyberriskalliance.com Topic 2: The state of cybersecurity hiring This topic has been in the works for a while! Ayman had a whole podcast and book focused on all the paths people take to get into security. Jackie worked with WiSys on outlining pathways into a cybersecurity career. Whether you're already in cyber or looking for a way in, this segment crams a lot of great advice into just 15-20 minutes. Segment resources: Ayman's personal guide for getting into security https://www.wicys.org/wp-content/uploads/2025/10/WiCyS-Pathways-in-Cyber-PDF-9.24.25.pdf News Finally, in the enterprise security news, Fundings and acquisitions still strong in 2026! Santa might be done delivering gifts, but not protecting Macs! ClickFix attacks Weaponized Raspberry Pis MongoDB incidents for Christmas Top 10 Cyber attacks of 2025 US gets tough on nation state hackers? Brute force attacks on Banks An AI Vending Machine All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-441

    1h 36m
  6. Why are cybersecurity predictions so bad? - ESW #440

    JAN 5

    Why are cybersecurity predictions so bad? - ESW #440

    For our first episode of the new year, we thought it would be appropriate to dig into some cybersecurity predictions. First, we cover the very nature of predictions and why they're often so bad. To understand this, we get into logical fallacies and cognitive biases. In the next segment, we cover some 2025 predictions we found on the Internet. In the final segment, we discuss 2026, drop some of our own predictions, and talk about what we hope to see this year. SPOILER: Please fix session hijacking, okay tech industry? Segment resources: A great site for better understanding logical fallacies and cognitive biases Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-440

    1h 30m
  7. Holiday Chat: Local AI datacenter activism, AI can't substitute good taste, and more - ESW #439

    12/29/2025

    Holiday Chat: Local AI datacenter activism, AI can't substitute good taste, and more - ESW #439

    For this week's episode of Enterprise Security Weekly, there wasn't a lot of time to prepare. I had to do 5 podcasts in about 8 days leading up to the holiday break, so I decided to just roll with a general chat and see how it went. Also, apologies, for any audio quality issues, as the meal I promised to make for dinner this day required a lot of prep, so I was in the kitchen for the whole episode! For reference, I made the recipe for morisqueta michoacana from Rick Martinez's cookbook, Mi Cocina. I used the wrong peppers (availability issue), so it came out green instead of red, but was VERY delicious. As for the episode, we discuss what we've been up to, with Jackie sharing her experiences fighting against Meta (allegedly, through some shell companies) building an AI datacenter in her town. We then get into discussing the limitations of AI, the potential of the AI bubble popping, and general limitations of AI that are becoming obvious. One of the key limitations is AI's inability to apply personal experience, have strong opinions, or any sense of 'taste'. I think I shared my observation that AI is becoming a sort of 'digital junk food'. "NO AI" has become a common phrase used by creators - a source of pride that media consumers seem to be celebrating and seeking out. Segment Resources: Kagi absolutely did NOT sponsor this episode. I have become a big fan of paying for search so that I am not the product. There are other players in this market, but I've settled on Kagi. We mention Ira Glass's bit on taste, which is a small bit of a longer talk he did on storytelling. The shorter bit is here, and is less than 2 minutes long. The full talk is split into 4 parts and posted on a YouTube channel called "War Photography" for some reason. Part 1: https://youtu.be/5pFI9UuC_fc Part 2: https://youtu.be/dx2cI-2FJRs Part 3: https://youtu.be/X2wLP0izeJE Part 4: https://youtu.be/sp8pwkgR8 Finally, we also bring up a talk we also discussed on episode 437, Benedict Evans' AI Eats the World Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-439

    1h 14m
  8. Internal threats are the hole in Cybersecurity's donut - Frank Vukovits - ESW #438

    12/22/2025

    Internal threats are the hole in Cybersecurity's donut - Frank Vukovits - ESW #438

    Interview with Frank Vukovits: Focusing inward: there lie threats also External threats get discussed more than internal threats. There's a bit of a streetlight effect here: external threats are more visible, easier to track, and sharing external threat intelligence doesn't infringe on any individual organization's privacy. That's why we hear the industry discuss external threats more, though internally-triggered incidents far outnumber external ones. Internal threats, on the other hand, can get personal. Accidental leaks are embarassing. Malicious insiders are a sensitive topic that internal counsel would erase from company memory if they could. Even when disclosure is required, the lawyers are going to minimize the amount of detail that gets out. I was chief incident handler for 5 years of my enterprise career, and never once had to deal with an external threat. I managed dozens of internal cases over those 5 years though. In this interview, we discuss the need for strong internal controls with Frank Vukovits from Delinea. As systems and users inside and outside organizations become increasingly connected, maintaining strong security controls is essential to protect data and systems from both internal and external threats. In this episode, we will explore the importance of strong internal controls around business application security and how they can best be integrated into a broader security program to ensure true enterprise security. This segment is sponsored by Delinea. Visit https://securityweekly.com/delinea to learn more about them! Topic Segment: Personal Disaster Recovery Many of us depend on service providers for our personal email, file storage, and photo storage. The line between personal accounts and work accounts often blur, particularly when it comes to Apple devices. We're way more dependent on our Microsoft, Apple, Meta, and Google accounts than we used to be. They're necessary to use home voice assistants, to log into other SaaS applications (Log in with Google/Apple/FB), and even manage our wireless plans (e.g. Google Fi). Getting locked out of any of these accounts can bring someone's personal and/or work life to a halt, and there are many cases of this happening. I'm not sure if we make it past sharing stories about what can and has happened. Getting into solutions might have to be a separate discussion (also, we may not have any solutions…) Friend of the show and sometimes emergency co-host Guillaume posted about this recently A romance author got locked out of her books A 79 year old got locked out of her iPad with all her family photos. Sadly, this is one of the most common scenarios. Someone either forgets their pin and locks out the device permanently, or a family member dies and didn't tell anyone their passwords or pins, so the surviving family can't access data, pay the bills, etc. Google example: Claims of CSAM material after father documents toddler at doctor's request https://www.theguardian.com/technology/2022/aug/22/google-csam-account-blocked Dec 2025 Apple example: she tried to redeem a gift card that had been tampered with: https://hey.paris/posts/appleid/ Google example: developer lost all his work, because he was working on preventing revenge porn and other sensitive cases, and was building a better model to detect NSFW images: https://medium.com/@russoatlarge_93541/i-built-a-privacy-app-google-banned-me-over-a-dataset-used-in-ai-research-66bc0dfb2310 My partner's mom's Instagram account got hacked. Meta locked out all of it (Whatsapp, Instagram, Facebook) and she couldn't get it reinstated. They wouldn't even let her open a NEW account. Weekly Enterprise News Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-438

    1h 57m
See All (463)

Ratings & Reviews

4.9
out of 5
14 Ratings

About

News, analysis, and insights into enterprise security. We put security vendors under the microscope, and explore the latest trends that can help defenders succeed. Hosted by Adrian Sanabria. Co hosts: Katie Teitler-Santullo, Ayman Elsawah, Jason Wood, Jackie McGuire, Sean Metcalf.

Information

You Might Also Like