Security Conversations

A cybersecurity podcast series by Ryan Naraine

About the show

Security Conversations is a cybersecurity podcast series curated by journalist and security strategist Ryan Naraine. These conversations with security practitioners cover a wide range of topics, including threat intelligence, zero trust, securing cloud deployments, penetration testing, bug bounties, advancements in offensive research and targeted threat activity.

Connect with Ryan on Twitter (Open DMs).

Disclosure: Ryan is a security strategist at Intel Corp. Ryan produces this podcast in his personal capacity and the views and opinions expressed in these recordings do not necessarily reflect the positions and views of Intel Corp. or any of its subsidiaries.


  • Chad Loder, co-founder and CEO, Habitu8

    July 31st, 2018  |  53 mins 28 secs
    patching, pentesting, red-teaming, threat-modeling

    Cybersecurity industry veteran Chad Loder talks about his time as co-founder of Rapid7, the decision to acquire Metasploit, lessons learned from moving to the CISO chair and why the industry still struggles with security awareness training.

  • Chris Castaldo, Senior Director of Cybersecurity, 2U

    July 26th, 2018  |  39 mins 44 secs
    careers, cisos, decisionmaking

    Chris Castaldo, senior director of cybersecurity at 2U, Inc., joins Ryan on the podcast to talk about building a threat model for digitizing the education sector, his top priorities as a defender, new solutions that impress him, and why it's important to get independent third-party security assessments.

  • Wim Remes, CEO and Principal Researcher, Wire Security

    July 23rd, 2018  |  40 mins 42 secs
    patching, pentesting, red-teaming, threat-modeling

    Founder and CEO of Wire Security Wim Remes discusses the intricacies of penetration testing, red-teaming, bug bounties, and calls for defenders to embrace continuous pen-testing.

  • Dan Hubbard, Chief Security Architect, Lacework

    July 16th, 2018  |  38 mins 12 secs
    analytics, entrepreneur, internet-scans, threat-intel

    Lacework Chief Security Architect Dan Hubbard joins the podcast to discuss his new research on container security, the challenges of securing cloud deployments, and why technological advancements have widened attack surfaces.

  • David Weston, Principal Security Engineering Manager, Microsoft

    June 24th, 2018  |  46 mins 23 secs
    exploits, microsoft, mitigations, windows

    David Weston manages the Windows Device and Offensive Security Research teams at Microsoft. He joins the podcast to talk about how proactive red-team exercises push major mitigations to Microsoft's products and the current state of security in the Windows ecosystem.

  • Rich Seiersen, SVP and CISO, Lending Club

    June 18th, 2018  |  37 mins 28 secs
    careers, cisos, decisionmaking

    SVP and Chief Information Security Officer (CISO) at Lending Club, Rich Seiersen, digs into the nuts and bolts of defending a financial services firm, his approach to finding quality cybersecurity talent, and the importance of confronting security with data. (Recorded during fireside chat at SecurityWeek's CISO Forum)

  • Andrew Morris, Founder and CEO, GreyNoise Intelligence

    May 31st, 2018  |  37 mins 19 secs
    analytics, entrepreneur, internet-scans, threat-intel

    Founder and CEO of GreyNoise Intelligence Andrew Morris talks about his anti threat-intelligence company, the ways SOCs are using it to filter through scanning noise and the trials and tribulations of bootstrapping a start-up.

  • Yoav Leitersdorf, Managing Partner , YL Ventures

    May 21st, 2018  |  26 mins 7 secs

    Managing Partner at YL Ventures, Yoav Leitersdorf, explains the surge in cybersecurity investments in Israel, the priorities for his $75 million fund, and which sectors are ripe for the picking.

  • Juan Andrés Guerrero-Saade, Principal Security Researcher, Recorded Future

    May 14th, 2018  |  1 hr 1 min
    apt, threat-intel

    Principal Security Researcher at Recorded Futures Insikt Group, Juan Andrés Guerrero-Saade, explains the nuances of good threat intelligence, sheds light on nation-state hacker activity and warns that adversaries don't have to be sophisticated to launch successful attacks.

  • Robert M. Lee, Chief Executive Officer, Dragos Inc.

    May 10th, 2018  |  54 mins 44 secs
    apt, ics-scada, targeted-attacks, threat-intel

    The founder and CEO of Dragos, Inc. Robert M. Lee cuts through the hype around threats to critical infrastructure and offers a matter-of-fact take on active defense, “hacking-back,” and nation-state espionage operations.

  • Brandon Dixon, Vice President, RiskIQ

    May 9th, 2018  |  1 hr 3 mins

    VP of Product at RiskIQ Brandon Dixon delves into nation-state cyber operations, explains why it’s dangerous to underestimate North Korea’s capabilities, and his passion for roasting the perfect coffee bean.

  • Ryan Huber, Security Architect, Slack

    May 8th, 2018  |  1 hr 4 mins

    Slack security architect Ryan Huber talks about the gargantuan task of defending an organization with 8 million daily active users, burnout, and fatigue in security teams and a range of issues around bug bounties and penetration testing.