Hacker Valley Studio

Hacker Valley Media

Welcome back to the show! Hacker Valley Studio podcast features Host Ron Eddings, as he explores the world of cybersecurity through the eyes of professionals in the industry. We cover everything from inspirational real-life stories in tech, to highlighting influential cybersecurity companies, and we do so in a fun and enthusiastic way. We’re making cybersecurity accessible, creating a whole new form of entertainment: cybertainment.

  1. 18h ago

    Is Vibe Coding Breaking the Internet? with Tanya Janca

    What happens when AI writes all the code and nobody reads it? What if the security prompt you trusted still produced software designed to leak your secrets? And who exactly is on the hook when an AI-generated application takes down your company? In this episode, Ron sits down with returning guest Tanya Janca, Secure Coding Trainer at SheHacksPurple Consulting, to dig into one of the most underestimated risks in software development today: vibe coding.

    Tanya breaks down what vibe coding actually means, why AI trained on the internet's worst repositories is quietly baking the OWASP Top 10 into every app being built, and what her AI-powered secure coding prompt library can do to help. This is a candid, practical, and community-driven episode, the kind that'll make you want to audit your vibe code-a-thon project before it ever touches production.

    Impactful Moments
    00:00 - Introduction
    01:40 - The Rewind: Margaret Hamilton and Apollo 11
    05:00 - Knight Capital and the $460M software failure
    07:00 - Guest introduction: Tanya Janca
    08:15 - What vibe coding actually means in 2026
    10:00 - Real story: Claude leaked secrets in a live training
    11:30 - Securemyvibe.ca and Tanya’s secure coding prompt library
    15:00 - OWASP Top 10 vs OWASP Top 10 for LLMs
    22:45 - Tanya's petition for the world's first secure coding law
    24:55 - Device flow authentication and reducing security friction
    28:00 - What the internet would look like in five years without change

    Links
    Connect with our guest, Tanya Janca, on LinkedIn: https://www.linkedin.com/in/tanya-janca
    Get Tanya's free secure coding guideline: https://securecodingguideline.com
    Subscribe to Tanya’s AI Secure Coding Prompt Library: https://securemyvibe.ca
    Access Tanya's Newsletter & Free Monthly Training: https://newsletter.shehackspurple.ca
    Connect with Tanya across all social channels: @shehackspurple
    Check out our upcoming events: https://www.hackervalley.com/livestreams
    Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
    Become a sponsor of the show: https://hackervalley.com/work-with-us/

    36 min
  2. May 26

    Why Smart People Fall for Deepfakes with Perry Carpenter

    What if the most sophisticated attack has nothing to do with your firewall? In a world where AI can clone voices, re-lip-sync politicians, and spread a fake newscast to 200,000 people in days, the real target has always been your brain. Ron sits down with Perry Carpenter, Chief Deception Strategist at KnowBe4, to unpack why we're still getting fooled in 2026 and what we can actually do about it.

    Perry gets into the neuroscience behind why our brains are wired the way they are, how attackers exploit that, and what it really takes to build better instincts in a world full of AI-generated content. You'll also want to stick around for the live demos, where Perry breaks down why they worked and how to spot the tells.

    Impactful Moments
    00:00 - Introduction
    02:15 - The myth: smart people don't get fooled
    05:20 - Flashback segment: the Ireland deepfake and why it went viral
    06:15 - Guest introduction: Perry Carpenter
    09:50 - Exploiting cultural bias and tribal instincts
    13:45 - Live deepfake demo: face and body replacement in real time
    15:30 - Synthetic media vs. deepfake: what's the difference?
    20:40 - Breaking down a deepfake: what made it convincing
    23:00 - Overproof: why bad deepfakes try too hard
    27:15 - System 1 vs. System 2 thinking in cybersecurity
    29:45 - The FAIK framework: freeze, analyze, investigate, know
    32:40 - Ron's closing reflection

    Links
    Connect with our guest, Perry Carpenter, on LinkedIn: https://www.linkedin.com/in/perrycarpenter
    Check out our upcoming events: https://www.hackervalley.com/livestreams
    Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
    Become a sponsor of the show: https://hackervalley.com/work-with-us/

    36 min
  3. May 18

    Who Owns Your AI Security Policy? with Chris Cochran

    Right now, someone in your organization is probably feeding sensitive data into an AI system that nobody approved. So when something goes wrong, who's responsible? And more critically, do you even have a policy in place to answer that question? Ron Eddings sits down with his Hacker Valley co-founder, Chris Cochran, now serving as SANS Field CISO and VP of AI Security, to talk about his freshly released SANS AI Security Maturity Model, a practical framework built for security leaders who need to stop philosophizing and start making decisions.

    They cover the three pillars of AI security maturity: utilizing AI for defense, protecting AI itself, and governing it across the organization. Chris then gets real about where most enterprises actually stand (hint: not as far along as they think). Listen for a conversation that meets you wherever you are: skeptic, early adopter, or somewhere in between.

    Impactful Moments
    00:00 - Introduction
    03:00 - Chris Cochran: from Co-Founder to SANS Field CISO
    04:20 - Your board is pushing AI before security is ready
    06:00 - Tiers of AI uses: summarization to full automation
    07:50 - When AI shouldn't make the final call
    10:10 - Bite-sized AI: starting small in the enterprise
    11:45 - Introducing the SANS AI Security Maturity Model
    13:20 - You can no longer afford to be an AI skeptic
    16:30 - Three buckets: utilize, protect, and govern AI
    18:50 - Fact or Cap: what level of maturity is your enterprise?
    21:00 - Retroactive vendor risk and the AI explosion
    23:05 - Agentic Identity: workforce, non-human, and beyond
    25:00 - What works in the agentic identity space?
    27:05 - Blockchain for agent identity: promising or hype?
    29:00 - A Message for the next generation of practitioners
    31:30 - Ron's closing take: who owns your AI policy?

    Links
    Connect with Chris Cochran on LinkedIn: https://www.linkedin.com/in/chrishvm/
    Download the SANS AI Security Maturity Model: https://www.sans.org/mlp/2026-ai-security-maturity-model-ebook
    Check out our upcoming events: https://www.hackervalley.com/livestreams
    Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio
    Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
    Continue the conversation by joining our Discord: https://hackervalley.com/discord
    Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

    35 min
  4. May 1

    Turning 30,000 Findings Into 50 That Matter with Dan Pagel and Brad Hibbert

    Mythos just found 30,000 new vulnerabilities, and now every security team is asking the same question: what actually matters? In this episode, Ron Eddings sits down with Dan Pagel, CEO at Brinqa, and Brad Hibbert, COO & CSO at Brinqa, to break down the Anthropic Mythos moment that rattled the security industry. From the panic of millions of new findings dropping overnight to the strategy of narrowing them down to the 50 that actually matter in YOUR environment, this episode is a masterclass in exposure management at machine speed.

    Dan and Brad share how Brinqa helps organizations make sense of massive volumes of findings, correlating data across 260+ connectors, enriching vulnerability context, and delivering clear, explainable actions to IT operations teams. They also tackle the bigger question: how do you build enough trust in AI to let it take autonomous action on your behalf? The answer starts with better data, better explainability, and knowing when to keep humans in (or on) the loop.

    Impactful Moments
    00:00 - Introduction
    02:00 - What just happened? Breaking down the Anthropic Mythos moment
    04:10 - Why most new findings don’t apply to your environment
    07:12 - What Mythos means to the broader market
    09:09 - Why AI-driven discovery isn’t slowing down
    11:00 - The gap between security and IT ops: how explainability closes it
    13:38 - How fast you should go through findings
    15:53 - Why MTTR is the wrong metric and what businesses actually care about
    18:03 - Why real-time visibility is replacing scheduled scanning
    19:50 - Human IN the loop vs. human ON the loop
    22:14 - What happens when AI hallucinates?
    27:20 - Why we’re over and under-estimating the impact of AI
    29:54 - The immediate win Brinqa achieves for its customers
    31:50 - What CISOs are really asking now: "What does good look like?"

    Links
    Connect with our guest, Dan Pagel, on LinkedIn: https://www.linkedin.com/in/dpagel/
    Connect with our guest, Brad Hibbert, on LinkedIn: https://www.linkedin.com/in/bradhibbert/
    Learn more about Brinqa: https://www.brinqa.com/
    Check out our upcoming events: https://www.hackervalley.com/livestreams
    Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
    Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

    35 min
  5. Apr 24

    Killing the Playbook with Agentic AI with Allan Alford and Tom Findling

    SOAR promised to close the loop in the SOC and fell flat. Agentic AI is finally delivering what a decade of playbooks couldn’t. In this episode, Ron sits down with Allan Alford, SVP at NTT Global Data Centers, and Tom Findling, co-founder and CEO of Conifers.ai. They cover why static playbooks broke under real-world conditions and how agentic systems are flipping the SOC operating model. They get into hallucination guardrails, human-on-the-loop versus human-in-the-loop, and the QR-code phishing investigation an agent solved on its own without being told how. The conversation closes on trust thresholds, the speed of enterprise adoption, and Allan's blunt warning to any CISO trying to slow this train down… you're already on the tracks.

    Impactful Moments
    00:00 - Intro
    02:30 - Why the lazy sysadmin always wins
    05:15 - Why SOAR fell flat
    08:00 - Guardrails, hallucinations, and showing the work
    13:00 - The SOC AI holy grail
    15:30 - The moment you start saying we
    17:30 - QR-code phishing the agent solved alone
    19:00 - Why playbooks were never going to scale
    28:00 - Earning trust at enterprise scale
    33:30 - Stand in front of this revolution and lose
    35:40 - Risk quantification on business steroids

    Links
    Connect with our guest, Tom Findling, on LinkedIn: https://www.linkedin.com/in/tomfindling/
    Learn more about Conifers.ai at https://www.conifers.ai
    Connect with our guest, Allan Alford, on LinkedIn: https://www.linkedin.com/in/allanalford/
    Check out our upcoming events: https://www.hackervalley.com/livestreams
    Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
    Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

    39 min
  6. Apr 17

    The Epidemic of Sameness Is Killing Your Brand with Don Jeter

    In 2025, Torq brought a monster truck to RSAC. And Don Jeter, Torq's CMO, will be the first to tell you: nobody's buying an AI SOC platform because of a grave digger in the booth. In this episode, Ron sits down with Don to discuss what Torq is actually doing in a category packed with 60 near-identical vendors, and why "the epidemic of sameness" is the real threat to every cybersecurity brand right now.

    Don explains why Torq builds everything in-house, why he starts every strategy by listening instead of pitching the product, and why the only differentiator left in cyber marketing is how much you genuinely care. It's a conversation about brand, but it's really a conversation about trust, community, and what it takes to make a CISO text you back.

    Impactful Moments
    00:00 - Introduction
    03:50 - How Don landed at Torq
    06:09 - What the Torq brand stands for
    07:41 - Giving cybersecurity pros their flowers
    09:09 - Cookie-cutter booths, cookie-cutter brands
    12:00 - Why Torq built everything in-house
    15:34 - Start with listening, not the product
    18:13 - "We have to out-care the other teams"
    21:45 - Nobody buys because of a monster truck
    24:06 - Welcome to the experience age
    28:30 - Entertain them or lose them

    Links
    Connect with our guest, Don Jeter, on LinkedIn: https://www.linkedin.com/in/donjeter/
    Check out our upcoming events: https://www.hackervalley.com/livestreams
    Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
    Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

    35 min
  7. Apr 7

    Minutes to Meltdown: Cyber Recovery When It Counts with Chris Bevil

    Most organizations are prepping for disaster recovery when they should be building for cyber recovery, and those are not the same thing.

    Recorded live at RSAC Conference 2026, Ron sat down with Chris Bevil, Principal Security AI Strategist at Commvault, to break down what actually happens after a breach hits and why most teams are caught flat-footed.

    Chris walks us through Commvault's Minutes to Meltdown tabletop exercise, why isolated recovery environments matter, and how clean data determines whether you get your company back in hours or in 200+ days.

    This episode will tell you what separates a team that recovers from a team that unravels.

    Impactful Moments
    01:16 - Live at RSAC 2026 with Chris Bevil, Principal, Security AI Strategist at Commvault
    01:40 - Minutes to Meltdown origin story
    03:00 - What goes into a Meltdown?
    04:48 - What happens in the first 30 minutes of chaos
    07:00 - What Commvault actually does
    08:21 - What is IRE? Isolated recovery environment breakdown
    10:40 - What is Disaster Recovery in 2026?
    13:00 - How cyber recovery differs from disaster recovery
    14:20 - Where attackers go in the first 30 minutes
    15:40 - The 3-2-1 rule and where teams fail
    21:45 - What successful recovery looks like
    25:14 - AI strategy at Commvault

    Links
    Connect with our guest, Chris Bevil, on LinkedIn: https://www.linkedin.com/in/chris-b-211998a/
    Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
    Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

    29 min
  8. Apr 1

    Building AI Governance Before the Incidents Hit with Guru Sethupathy

    AI adoption is outpacing governance at every level, and the cost of waiting is getting higher by the day. Guru Sethupathy, General Manager of AI Governance at Optro and former Founder of FairNow, breaks down what it really takes to build trust in AI systems before things go sideways.

    Guru lays out a simple but powerful 3 P’s Framework: policies, process, and people, connecting it to what teams are actually dealing with right now, from shadow AI to security threats that don’t look like anything we’ve seen before. If 2026 is the year AI moves from experiments to real operations, this conversation is your blueprint for keeping it under control.

    Impactful Moments
    00:00 - Introduction
    02:25 - What does Optro do? Helping companies with the AI governance journey.
    03:10 - Why AI governance is really about trust, not control
    05:15 - The moment AI went mainstream, and why that changed everything
    05:50 - The three real business risks: performance, security, and transparency
    07:30 - Human accountability in an AI-driven world
    08:48 - What’s actually happening with AI regulation, EU, US, and standards
    10:28 - Where Optro fits, orchestration vs monitoring in AI governance
    13:05 - The 3 Ps framework: policies, process, and people
    14:47 - Governance 101, why AI inventory is the first move every team misses
    16:12 - The reality check, AI adoption is outpacing governance everywhere
    17:45 - Shadow AI explained, what your team is doing that you can’t see
    19:45 - Optro’s top use cases: visibility, compliance, and operationalizing governance
    20:43 - Who owns AI governance, and why it’s becoming a team sport
    22:20 - Final advice, start now or play catch-up later

    Links
    Connect with our guest, Guru Sethupathy, on LinkedIn: https://www.linkedin.com/in/guru-sethupathy/
    Learn more about Optro: https://optro.ai/
    Check out our upcoming events: https://www.hackervalley.com/livestreams
    Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio
    Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
    Continue the conversation by joining our Discord: https://hackervalley.com/discord
    Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

    24 min
4.7 out of 5 (60 Ratings)
