The Security Repo

Mackenzie Jackson & Dwayne McDaniel

The security repo is a podcast that focuses on real world security issues we are all facing today. We will take deep dives into news events and have exclusive interviews with security leaders on the ground.

  1. April 1

    AI, Automation, & Humans' Role In Security: A View From RSAC 2026 With Jeff Man and Dwayne McDaniel

    In this episode of the Security Repo Podcast, Jeff Man and Dwayne McDaniel unpack the shift in cybersecurity from talking about AI as a future concept to confronting agentic AI as a present-day security reality. They explore what the industry is getting right and wrong, from automation’s potential to help close the skills gap to the ongoing danger of treating tools, compliance, and governance as substitutes for critical thinking. The conversation also turns personal, with reflections on security careers, favorite tools, timeless advice about access and trust, and Dwayne’s announcement that this chapter of the Security Repo Podcast is coming to a close. https://www.linkedin.com/in/jeffreyeman/ https://www.linkedin.com/in/dwaynemcdaniel/ About Jeff Man: Jeff is a respected Information Security advocate, advisor, hacker, evangelist, mentor, teacher, international keynoter, speaker, former host of Security & Compliance Weekly, co-host on Paul's Security Weekly, Tribe of Hackers (TOH) contributor, including Red Team, Security Leaders, and Blue Team editions, and a member of the Cabal of the Curmudgeons. Jeff currently serves as a PCI QSA and Trusted Advisor for Online Business Systems, also a Grant Advisory Board Member for the Gula Tech Foundation, Advisory Board Member for the Technology Advancement Center (TAC), and is the Director of Diversity, Equity, and Inclusion for Hak4Kidz NFP. Over 40 years of experience working in all aspects of computer, network, and information security, including cryptography, risk management, vulnerability analysis, compliance assessment, forensic analysis and penetration testing. Certified National Security Agency Cryptanalyst. Designed and fielded the first software-based cryptosystem ever produced by NSA. Inventor of the "whiz" wheel, a cryptologic cipher wheel used by US Special Forces for over a decade recently displayed at the National Cryptologic Museum. Honorary lifetime member of the Special Forces Association. 
Previously held security research, management and product development roles with the National Security Agency, the DoD and private-sector enterprises. Pioneering member of the first penetration testing "red team" at NSA. For the past thirty years has been a pen tester, security architect, consultant, QSA, and PCI SME providing consulting and advisory services to many of the nation's best known companies. https://darknetdiaries.com/episode/83/ https://www.cybereason.com/blog/malicious-life-podcast-how-the-internet-changed-the-nsa https://youtu.be/7bYTO_i-Txo About Dwayne McDaniel: Dwayne McDaniel is a Principal Developer Advocate who has been on a mission to "help people figure stuff out" for over a decade. At GitGuardian, he specializes in secrets security and non-human identity governance across cloud and DevOps environments. A frequent speaker at events like DevOpsDays and BSides, he helps security and engineering teams better understand complex issues.

    43 minutes
  2. March 25

    Avoiding Operational Chaos While Defending A Credit Union With Data Classification - John Wallace

    In this episode of the Security Repo Podcast, IT Audit & Data Privacy Leader John Wallace joins Dwayne to talk about the importance of data classification, the cornerstone of data protection. They cover high levels of data tagging, using AI to help with the workload, and how, at the end of the day, governance really comes down to humans agreeing on definitions. John also talks a little about credit unions vs banks and shares his published poetry: "They Say Some Clouds Are Silver Lined," which is available on Amazon: https://www.amazon.com/They-Some-Clouds-Silver-Lined/dp/1664274774 https://www.linkedin.com/in/johnfwallace3rd/ John F. Wallace, CISA, CRISC, CDPSE, is a Senior IT Auditor II for Security Service Federal Credit Union, one of the largest credit unions in the United States. Mr. Wallace’s prior experience includes consulting in IT Risk Management and executive oversight of Risk Management and IT Audit functions in Fortune 500 and Fortune 100 financial services companies. Early in his career, he served in the U.S. Treasury as a Federal Bank Examiner. In that role he led Financial, Operational and IT Examinations of federally regulated financial institutions and the nation's largest banking IT Service Providers. Mr. Wallace holds the Certified Information Systems Auditor (CISA) certification, the Certified in Risk and Information Systems Control (CRISC) certification, and the Certified Data Privacy Solutions Engineer (CDPSE) certification.

    20 minutes
  3. March 17

    The PCI Ultimatum - Thrift Store OSINT, and "Lost Media" with Dwayne Edwards and Mike Radigan

    In this episode of the Security Repo Podcast, we uncover the wild and hilarious true story behind a forgotten piece of cybersecurity media history: “The PCI Ultimatum” and the world-building inside of it that gave us “Dwayne’s World of Security,” a DIY Cisco-era cult film rediscovered via a thrift store handbag. Guests Mike Radigan and Dwayne Edwards share how they disrupted corporate norms to create a storytelling-first, off-the-books PCI compliance movie that somehow still resonates today. Along the way, we explore the value of humor, storytelling, and going rogue to make security memorable. See that bag that started this entire conversation: https://dwayne-mcdaniel.com/img/dwosbag1.png https://dwayne-mcdaniel.com/img/dwosbag2.png Watch The PCI Ultimatum: https://www.1dave1cup.com/extra/pci/ Dwayne’s World Of Security trailer: https://www.youtube.com/watch?v=7_LGzNx09ig Be sure to check out: The ICS Security Radio Hour --- Half Hour (Dwayne Edwards’ Podcast) https://www.youtube.com/channel/UCiTZVtx-XjO4nmQc98VwjrA About our guests: Mike Radigan https://www.linkedin.com/in/radiganatbos/ Mike is a proven executive with unique experience in defining and communicating the value cybersecurity delivers to the business. Passionate for the business of cybersecurity, the mission of cybersecurity and the advancement of the cyber risk management profession. Cyber Risk Economics: Recognized expert in applying the Open FAIR body of knowledge. Cyber Risk Quantification (CRQ): Operationalizing CRQ within GRC, BoD reporting, Strategic risk. Proven Leader: Track record for devising accurate vision and strategies to achieve objectives. --- Dwayne Edwards https://www.linkedin.com/in/dwedward/ During Dwayne’s tenure in IT & OT he has worked in a variety of roles including security, data center and OT business and technology architecture. Dwayne’s primary interest is in protecting ICS environments. He also enjoys providing professional development for engineers and account managers.

    22 minutes
  4. March 13

    From Annual Checkbox To Continuous SDLC Testing: Operationalizing AI Pentests - Andy Dennis of XBow

    In this episode of the Security Repo Podcast, Dwayne catches up with returning guest Andy Dennis (Head of Field Engineering at XBOW) to unpack what it really means to run “AI-backed” penetration testing at scale, without turning red teaming into a gimmick. They dig into how XBOW approaches discovery, guardrails, and reporting beyond “scan results,” and why operationalizing LLM-driven testing in real enterprises still demands SaaS-grade controls and infrastructure. The conversation closes on where this all goes next: continuous testing in the SDLC, deeper discovery of business-logic bugs, and a near future where findings increasingly translate into remediation-ready pull requests. https://xbow.com/ https://www.linkedin.com/in/andy-d-b43a17b/ Head of Field Engineering at XBOW. Published author. Public speaker. Former undergraduate tutor and examiner. Cyber Security and AI Strategy. M&A technical due diligence. 22+ years in industry. International team management experience across 5 continents and 400+ individuals. Interest in Cybernetics. Andy has 22+ years experience in the technology industry and has worked in the UK, Canada and US. He’s had 5 books published on a variety of topics including IoT and the Raspberry Pi and spoken at multiple events around the country. Previously Andy tutored undergraduates at Goldsmith’s College, University of London’s online degree program and is currently studying with HEC in Paris.

    20 minutes
  5. March 11

    Why Compliance Isn’t Governance & How GovOps Rebuilds Trust Boundaries – Mike Schwartz

    In this episode of the Security Repo Podcast, Dwayne sits down with Mike Schwartz (CEO & founder of Gluu) to unpack GovOps as “next-gen governance” built to be declarative, provable, and continuous. They dig into why compliance ≠ governance, how formal reasoning can help prove policy outcomes, and why modern governance needs to shift from periodic audits to real-time visibility. The conversation closes with the collision of agentic AI + identity, the need for better software identity and token trust, and how this moment might finally unlock board-level investment in security. Links from the show: https://www.linkedin.com/in/nynymike/ GovOps Working Group on LinkedIn https://www.linkedin.com/groups/17478011/ https://gluufederation.medium.com/govops-manifesto-33eb7cb01ed3 Identerati Office Hours https://gluu.org/identerati-office-hours-episodes/ The Janssen Project https://docs.jans.io/stable/ https://www.cncf.io/projects/oscal-compass/ https://gemara.openssf.org/ Mike Schwartz is the Founder/CEO of Gluu, and leads the Linux Foundation Janssen Project. He is the co-author of the book "Securing the Perimeter" (Apress 2018) about how to use open source IAM tools. In addition to his day job at Gluu, he currently hosts the “Identerati Office Hours” Livestream twice a week, which features discussions on all topics digital identity and security. Mike resides in Austin TX with family and pigeons.

    38 minutes
  6. February 11

    Building AI Solutions with a Security-First Mindset: Frameworks and Lessons with Henry Odibi

    In this episode of the Security Repo Podcast, we talk with Henry Odibi, a data engineer who pivoted from chemical engineering into data and AI. Henry shares how he hacked his way into tech, built his own automation tools, and now integrates AI responsibly—always with a “security first” mindset. He also emphasizes the importance of treating data as if it were your own and offers practical steps for anyone starting in AI or data engineering to stay secure. https://www.linkedin.com/in/henryodibi/ Henry Odibi transforms messy, real-time process data into high-performance data systems used across global manufacturing operations. With 4+ years of experience spanning chemical engineering, utilities, telemetry integration, and cloud architecture, he's built solutions that improve OEE, energy intensity, yield, inventory accuracy, and cycle time across 30+ Ingredion sites worldwide. He began his career on the plant floor, supervising wet mill operations and responding to breakdowns firsthand. Over time, Henry transitioned into a global data role where he now designs scalable data pipelines using Azure Data Factory, Databricks, PySpark, and Power BI — empowering teams with near-real-time visibility and decision intelligence. Henry has led internal training programs, built metadata-driven automation frameworks, and collaborated with cross-functional teams to deliver insight that drives action. His passion lies in building the future of digital manufacturing — a connected, automated, and self-optimizing production environment.

    19 minutes

Ratings & Reviews

5 out of 5 stars, 2 ratings
