• Binarly (https://binarly.io)
• Binary Risk Hunt (https://risk.binarly.io)

In this reboot of the Security Conversations interview series, Foundation Capital partner Sid Trivedi weighs in on major changes to the RSA Innovation Sandbox, the mandatory $5M uncapped SAFE investment for all 10 finalists, and red-flag concerns around discounts and pro-rata rights.

Also discussed: controversial pay-for-play dynamics involving CISOs and venture capital firms, ethical implications of CISOs taking advisory positions in startups, and the challenges of investing in seed-stage startups amidst a trend towards platformization.

Links:

• RSA’s Innovation Sandbox: Cybersecurity Startups Must Accept $5 Million Investment
• RSA Innovation Sandbox: $50 Million Annual Investment Program for Top 10 Finalists
• RSA Conference - How do SAFEs work?
• This VC Built A Cybersecurity Unicorn Machine. Then Came A Conflict Of Interest Mess.
• The Gili Ra’anan model: CISOs and VCs controversy
• Sid Trivedi bio
• Foundation Capital

• Binarly, the supply chain security experts (https://binarly.io)
• XZ.fail backdoor detector (https://xz.fail)

Cris Neckar is a veteran security researcher now working as a partner at Two Bear Capital. In this episode, he reminisces on the early days of hacking at Neohapsis, his time on the Google Chrome security team, shenanigans at Pwn2Own/Pwnium, and the cat-and-mouse battle for browser exploit chains. We also discuss the zero-day exploit marketplace, the hype and promise of AI, and his mission to help highly technical founders bring products to market.

Links:

• Unedited transcript (AI-generated)
• Cris Neckar on LinkedIn
• Cris Neckar Bio (Two Bear Capital)
• Teenager hacks Google Chrome with three 0days
• Research on Trident zero-day flaws
• Cris Neckar podcast transcript (Unedited)

• Binarly (https://binarly.io)
• FwHunt (https://fwhunt.run)

Seth Spergel is managing partner at Merlin Ventures, where he is responsible for identifying cutting-edge companies for Merlin to partner with and invest in. In this episode, Seth talks about helping startups target US federal markets, the current state of deal sizes and valuations, and the red-hot sectors in cybersecurity ripe for venture investment.

Links:

• Seth Spergel bio — Seth has more than 20 years of experience building, selling, and investing in software and startups. Prior to Merlin Ventures, Seth was VP for Infrastructure Technologies at In-Q-Tel, a strategic investment firm that invests in startups that meet the mission needs of government customers.
• Merlin Ventures portfolio
• Palo Alto buys Talon, Dig Security — Technology powerhouse Palo Alto Networks is officially on a billion-dollar shopping spree in the cloud data security space.
• Episode Sponsor: Binarly — The Binarly REsearch team leads the industry in firmware vulnerability disclosure and advisories

• Binarly (https://binarly.io)
• FwHunt (https://fwhunt.run)

Munich Re Ventures investment principal Sidra Ahmed Lefort joins Ryan Naraine for a frank discussion on the state of VC funding in cybersecurity, the rise (and coming correction) in the land of security 'unicorns', the massive early-stage funding rounds and what they mean, layoffs and contractions, and the places in security still ripe for innovation.

Links:

• Sidra Ahmed Lefort on LinkedIn
• Portfolio | Munich Re Ventures
• What's Going on With Cybersecurity VC Investments?
• Video: VC View - Trends in Cybersecurity Innovation

Links:

• Follow Fahmida on Twitter
• Fahmida Rashid on LinkedIn