The Security Podcast of Silicon Valley

Most founders think you have to choose between security and usability. Riad Wahby disagrees—and built Cubist to prove it. In this episode, he breaks down how startups can achieve secure key management without sacrificing speed or flexibility.

Riad: www.linkedin.com/in/kwantam
Cubist: www.cubist.dev
Jon: www.linkedin.com/in/jon-mclachlan
Sasha: www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: www.ysecurity.io

What if security wasn’t something developers had to think about at all? That’s the vision Travis McPeak—former Netflix and Databricks security leader—is building at Resourcely. In this episode, he breaks down why most security tools fail, how trust between security and engineering got broken, and what it really takes to fix cloud misconfigurations before they hit production. Travis also shares what compliance is getting wrong, why developer experience is non-negotiable, and what he learned going from big tech to startup CEO.

Travis: www.linkedin.com/in/travismcpeak
Resourcely: www.resourcely.io
Jon: www.linkedin.com/in/jon-mclachlan
Sasha: www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: www.ysecurity.io

What if your security tools are actually slowing you down? Bright Security co-founder and CEO Gadi Bashvitz shares how their team went from AI fuzzing to reshaping the way developers tackle vulnerabilities—without drowning in false positives or compliance theater.

• Why AppSec hasn’t kept up with how engineering works today

• The 60x cost of fixing bugs in production

• What dev-first security actually looks like in the real world

• How Bright is helping teams fix the right issues—faster

Listen to learn how Bright Security is shifting security left—without slowing teams down.

Gadi: www.linkedin.com/in/bashvitz
Bright Security: www.brightsec.com
Jon: www.linkedin.com/in/jon-mclachlan
Sasha: www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: www.ysecurity.io

AI is no longer just writing code or generating images—it’s shaping how we think.

In this episode, we sit down with AI researcher, professor, and investor Michal Pechoucek to explore how artificial intelligence is shifting from targeting systems to targeting human cognition. Michal outlines four emerging threats that are redefining AI security and explains why deepfakes, behavioral data, and black-box models are putting trust itself at risk.

We also discuss the growing gap between AI innovation and AI safety, how China is approaching behavioral data, and what this shift means for founders, defenders, and the future of digital trust.

Michal: www.linkedin.com/in/pechoucek
Evolution Equity: www.evolutionequity.com
Jon: www.linkedin.com/in/jon-mclachlan
Sasha: www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: www.ysecurity.io

Everyone’s building AI. Few know how to deploy it safely. Yaron Singer, co-founder of Robust Intelligence (acquired by Cisco), reveals what’s really blocking AI from scaling—and why trust, not tech, is the biggest barrier. A must-listen for any founder navigating the AI wave.

Yaron Singer: www.linkedin.com/in/yaron-singer-76ab6317
Robust Intelligence: www.robustintelligence.com
Jon McLachlan: www.linkedin.com/in/jon-mclachlan
Sasha Sinkevich: www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: www.ysecurity.io

Too many startups fall into the “more tools = more security” trap. Instead of better protection, they end up with data silos, integration nightmares, and security teams buried in alerts—while real threats slip through the cracks.

Kabir Mathur, CEO of Lean, breaks down why adding more security tools might be your biggest mistake, the hidden costs of tool sprawl, and how to actually build a security stack that works.

Kabir Mathur: www.linkedin.com/in/mathurkabir
Leen: www.leen.dev
Jon McLachlan: www.linkedin.com/in/jon-mclachlan
Sasha Sinkevich: www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: www.ysecurity.io

Imagine waking up to thousands of customers scammed—using your brand’s name. The website looked real. The emails were flawless. No one saw it coming. This is the new reality of AI-powered fraud. Cybercriminals don’t need weeks to set up a scam anymore—they need just 4 hours.

Rod Schultz, CEO of Bolster AI, exposes the rise of automated phishing, brand impersonation, and large-scale fraud, plus the strategies businesses need to stop attacks before they escalate.

Rod: www.linkedin.com/in/rodschultz
Bolster AI: www.bolster.ai
Jon: www.linkedin.com/in/jon-mclachlan
Sasha: www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: www.ysecurity.io

What if the way you secure your company is all wrong? Taher Elgamal, the ‘Father of SSL,’ reveals why passwords are failing us, what smarter security looks like, and how businesses can thrive with it.
Taher: www.linkedin.com/in/taherelgamal
Evolution Equity: evolutionequity.com
Jon: www.linkedin.com/in/jon-mclachlan
Sasha: www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: www.ysecurity.io

What does it take to stop a trillion-dollar criminal enterprise? Damon Fleury, Chief Product Officer of SpyCloud, dives into the murky world of cybercrime and the economy driving it. Fleury shares his journey from code and network stacks to facing off against an elaborate cybercrime ecosystem — one that’s as organized as a traditional business but designed purely to exploit and harm.
Damon: www.linkedin.com/in/damonfleury
SpyCloud: spycloud.com
Jon: www.linkedin.com/in/jon-mclachlan
Sasha: www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: www.ysecurity.io