The Security Podcast of Silicon Valley

In this episode of a YSecurity.io production, we delve into the innovative world of Aman LaChapelle, whose fresh engineering perspective is shaping the future of security, privacy, AI, big data, and scalable compute infrastructure. As a key figure at Modular, Aman is at the helm of a transformative project aimed at rebuilding AI infrastructure to make it accessible and privacy-conscious for all.

Aman shares his insights into the complexities of balancing the need for robust data privacy with the demands of building scalable AI systems. His approach, deeply rooted in a nuanced understanding of both the technical and ethical dimensions of AI, highlights the critical importance of privacy in the age of big data.

The conversation takes an exciting turn as we explore what Aman perceives as the missing elements in the current tech ecosystem. His observations challenge conventional wisdom and spark a lively discussion on the gaps and opportunities for innovation in AI infrastructure. The revelations shared by Aman are not only thought-provoking but also underscore the urgency of addressing these shortcomings to advance the field.

Listeners will be captivated by Aman's vision for a future where AI infrastructure is democratized, ensuring that advancements in technology are leveraged responsibly and inclusively. His passion for integrating privacy considerations into the fabric of AI development is a powerful reminder of the need for a holistic approach to technological innovation.

Tune into this YSecurity.io production for an enlightening conversation with Aman LaChapelle. Whether you're an engineer, a tech enthusiast, or someone interested in the intersections of AI, privacy, and infrastructure, this episode offers a fresh perspective on the challenges and possibilities that lie ahead. Join us as we uncover the missing pieces in the tech ecosystem and explore Aman's groundbreaking work at Modular.

In this episode of a YSecurity.io production, we dive deep into the world of cryptography and software security with David M'Raihi, the Chief Product Security Officer at Rivian. With a wealth of experience in the field, David shares his insights on the multifaceted challenges and opportunities in protecting innovative technologies in the automotive industry.

David and host Jon McLachlan engage in a fascinating discussion on the essentials of building a robust security team, the intricacies of cryptographic systems, and the potential vulnerabilities that could lead to breaking RSA encryption. Beyond the technicalities, David offers a glimpse into his philosophy on leading an intentional and deliberate life, both within and outside the realm of cybersecurity.

Listeners will gain a rare look into the strategic thinking and technical prowess required to safeguard the future of mobility at Rivian, where cutting-edge vehicles and sustainable technology meet. David's approach to product security encompasses not only the protection of sophisticated software and hardware but also a commitment to fostering a culture of security awareness and resilience within the organization.

This episode is a must-listen for anyone interested in the crossroads of cryptography, automotive innovation, and personal growth. David M'Raihi's journey and reflections provide valuable lessons on leadership, the importance of a proactive security posture, and the pursuit of excellence in one's professional and personal life.

Tune into this YSecurity.io production for an enlightening conversation with David M'Raihi. Whether you're a cybersecurity professional, a technology enthusiast, or someone curious about the intersection of innovation and security in the automotive industry, this episode offers a unique blend of expertise, wisdom, and inspiration. Join us as we explore the complexities of securing the future of transportation and the deliberate choices that shape a meaningful life.

In this inspiring episode of a YSecurity.io production, we are joined by Michael Crandell, CEO of Bitwarden Inc., who shares the vision, journey, and the profound wisdom behind Bitwarden's success. Bitwarden stands at the forefront of enhancing collaboration, bolstering security, and amplifying productivity through the synergy of open source and community engagement, offering an intuitive solution for securing passwords and sensitive information.

Michael delves into the ethos of Bitwarden, emphasizing how the open-source model not only fosters innovation and transparency but also cultivates a sense of belonging and contribution among its users. He reflects on the journey of Bitwarden, from its inception to becoming a pivotal tool for individuals and organizations worldwide in managing their digital security.

Listeners will be captivated by Michael's insights into the challenges and triumphs of building a security platform that prioritizes ease of use without compromising on robustness. The conversation sheds light on the unique advantages of leveraging community feedback and collaboration to refine and evolve security solutions, underscoring the critical role of open-source principles in the dynamic landscape of cybersecurity.

This episode is a testament to the power of community-driven development and the potential of open source to revolutionize how we think about and implement security in our digital lives. Michael's vision for Bitwarden and his deep understanding of the interplay between technology, security, and community engagement offer invaluable perspectives for anyone interested in the future of cybersecurity.

Tune into this YSecurity.io production for an engaging and enlightening conversation with Michael Crandell. Whether you're deeply involved in the tech industry, passionate about open-source projects, or simply looking for effective ways to secure your digital footprint, this episode provides a compelling look at the impact of community and open source on advancing security and productivity. Join us as we explore the inspirational journey of Bitwarden and the vision that drives its mission to make the digital world a safer place for everyone.

Sergej Dechand shares his security journey from usable security research to Co-Founding Code Intelligence, where he is CEO. Code Intelligence delivers open-source static analysis-guided fuzz testing that enables developers to simplify software security testing without modifying their code.

In this episode of a YSecurity.io production, we dive into the compelling world of software security with Sergej Dechand, Co-Founder and CEO of Code Intelligence. Sergej takes us through his fascinating journey from conducting usable security research to leading a company that's revolutionizing the way developers approach software security testing through open-source static analysis-guided fuzz testing.

Sergej explains how Code Intelligence is making sophisticated security testing accessible and efficient for developers, enabling them to detect vulnerabilities without the need to modify their existing code. By leveraging the power of fuzz testing, Code Intelligence empowers developers to build safer applications, highlighting Sergej's commitment to improving software security from the ground up.

Throughout the conversation, Sergej shares insights into the challenges and opportunities in the field of software security, emphasizing the importance of making security tools both powerful and user-friendly. He discusses the inspiration behind Code Intelligence, the impact of open-source contributions, and the future of security testing in an increasingly digital world.

Listeners will gain a deeper understanding of the critical role of security testing in software development and the innovative approaches being developed to tackle these challenges. Sergej's journey from a researcher to a tech entrepreneur provides a unique perspective on the intersection of usability and security, showcasing the potential for technology to create safer digital environments.

Join us on this YSecurity.io production for an enlightening conversation with Sergej Dechand. Whether you're a developer, a security professional, or someone interested in the evolving landscape of software development and security, this episode offers valuable insights into the cutting-edge of security testing technology. Tune in as we explore how Code Intelligence is simplifying and strengthening software security, one fuzz test at a time.

Dive into the world of cryptography with Benoit Chevallier-Mames in this episode of a YSecurity.io production, where he shares his remarkable journey through the realms of encryption, engineering, and leadership. From making significant contributions at Apple to his current role at Zama, Benoit's work has profoundly impacted data security for billions of users worldwide, all while maintaining a humble demeanor.

Benoit opens up about the valuable lessons learned during his tenure at Apple, offering insights into the challenges and breakthroughs that come with working on security for one of the most influential tech companies in the world. His transition to Zama marks a new chapter in his mission to enhance data protection, focusing on pioneering work in Fully Homomorphic Encryption (FHE) tailored for Machine Learning applications. Zama's open-source SDK represents a leap forward in making advanced cryptographic techniques accessible and practical for developers, underscoring Benoit's commitment to democratizing data security.

Throughout the conversation, Benoit delves into the technical intricacies behind Zama's approach to FHE, shedding light on how this cutting-edge technology can revolutionize privacy and security in the age of AI and big data. His explanations demystify complex concepts, making them understandable for both cryptography experts and enthusiasts alike.

The episode culminates in Benoit sharing profound words of wisdom, reflecting on his experiences and the philosophical underpinnings of his work. His perspective not only inspires but also offers guidance to those navigating the ever-evolving landscape of technology and security.

Join us in this YSecurity.io production for an enlightening discussion with Benoit Chevallier-Mames. Whether you're deeply embedded in the field of cryptography, fascinated by the intersection of security and technology, or seeking inspiration from those who've made a silent yet indelible impact on our digital lives, this episode promises a wealth of knowledge, insight, and inspiration.

In this engaging episode of a YSecurity.io production, we sit down with Aaron Painter, CEO of Nametag Inc, to explore the cutting-edge future of authentication. As we delve into the concept of "Sign in with ID," Aaron shares his vision for a world where traditional passwords and device-based authentication methods are replaced with a more secure, trusted, and user-friendly alternative.

Aaron provides a deep dive into how Nametag Inc is leading the charge in revolutionizing the way we think about securing our digital identities. Through the innovative "Sign in with ID" approach, Aaron discusses the potential to enhance privacy, reduce fraud, and streamline user experiences across the digital landscape.

Listeners will gain insights into the challenges and opportunities presented by current authentication methods and how Nametag's solutions aim to address these issues head-on. Aaron's expertise and passion for improving digital security shine through as he outlines the technical and societal implications of adopting ID-based authentication systems.

This conversation is not just about the future of authentication; it's a glimpse into the potential for technology to create more secure and efficient interactions in our increasingly digital world. Aaron's thoughtful analysis and forward-looking ideas offer valuable perspectives for anyone interested in the future of digital security, privacy, and user experience.

Tune into this YSecurity.io production for an enlightening conversation with Aaron Painter. Whether you're a tech enthusiast, a security professional, or someone curious about the next generation of authentication technologies, this episode offers a compelling look at how "Sign in with ID" could transform the way we access and protect our online presence.

In this enlightening episode of a YSecurity.io production, we delve into the transformative world of authorization with Anders Eknert, whose journey to Styra is marked by deep insights and vast experience. Anders guides us through the evolution of authorization, addressing the pivotal question, "What are you allowed to do?" and illustrating how the landscape is shifting away from the chaotic "wild-wild-west" towards more structured, secure, and efficient frameworks.

Anders shares his journey, highlighting key experiences that have shaped his understanding and approach to authorization. With a focus on best practices, he explores the complexities of managing permissions and access in today's digital environments. Through his work at Styra, Anders is at the forefront of developing solutions that not only enhance security but also improve operational agility and compliance.

Listeners will gain a comprehensive understanding of the challenges and advancements in authorization technology. Anders' expertise illuminates the path toward more sophisticated and user-centric authorization models, emphasizing the importance of clear policies, automation, and the role of open-source projects like Open Policy Agent (OPA) in driving the industry forward.

This episode offers a unique opportunity to learn from one of the leading voices in the field of authorization. Whether you're a security professional, a developer navigating access control in your applications, or simply interested in the future of digital security and governance, Anders' insights provide valuable perspectives on the evolution of authorization practices.

Join us in this YSecurity.io production for a fascinating conversation with Anders Eknert. For those interested in reaching out or learning more about Styra's approach to authorization, Anders can be contacted at anders@styra.com. This episode is a must-listen for anyone looking to stay ahead in the rapidly evolving world of digital security and authorization.

In this episode of a YSecurity.io production, we're privileged to have Sean Cassidy, the Head of Security at Asana, share the wealth of knowledge and experience he's accumulated in building leading security teams and developing impactful security products. Sean takes us on a journey through his career, offering an insider's view on the challenges and triumphs of establishing a culture of security excellence within an organization.

Listeners will be treated to Sean's stories from the trenches—lessons learned from both successes and setbacks. He delves into the strategies that have enabled him to assemble outstanding security teams, emphasizing the importance of diversity, continuous learning, and fostering an environment where innovation thrives.

Beyond team building, Sean discusses the intricacies of creating security products that not only protect but also enhance user experience. He shares insights into the balance between security and usability, the role of security in product design, and how Asana approaches these challenges to deliver solutions that businesses trust.

This episode offers valuable lessons for anyone interested in the art and science of security leadership and product development. Whether you're a budding security professional, a seasoned expert, or simply fascinated by the behind-the-scenes work that goes into protecting digital spaces, Sean's experiences provide a roadmap for excellence in the security domain.

Join us on this YSecurity.io production for an engaging and enlightening conversation with Sean Cassidy. Explore the journey of building security teams that make a difference and the process of crafting products that stand the test of today's security challenges.

In this thrilling episode of a YSecurity.io production, we sit down with Will Butler, a seasoned security expert whose journey into the world of red teaming began with an audacious hack of airport security systems in his youth. This pivotal moment not only sparked Will's passion for security but also set him on a path to becoming a formidable figure in the field of penetration testing and red teaming.

Will shares his fascinating transition from a curious youngster with a knack for finding security loopholes to a professional dedicated to safeguarding organizations against cyber threats. He delves into the various facets of red teaming, explaining the different types of red teams and the unique value they bring to businesses through penetration testing. Listeners will gain an insider's perspective on what constitutes a successful attack and the creative, unconventional thinking required to unearth vulnerabilities.

The conversation also touches on the critical importance of diversity within red teams. Will argues that a broad range of perspectives and experiences is crucial for success in this field, enhancing the team's ability to think outside the box and anticipate the myriad ways an attacker might breach security defenses.

Moreover, Will addresses the ethical and moral dilemmas that penetration testers often face. He discusses the fine line between hacking for security enhancement and the potential for misuse of skills, emphasizing the importance of ethical guidelines and professional integrity in the practice of red teaming.

This episode is a treasure trove for anyone intrigued by the art and science of cybersecurity, offering deep insights into the challenges, strategies, and ethical considerations of red teaming and penetration testing. Whether you're an aspiring security professional, a seasoned expert, or simply fascinated by the world of cybersecurity, join us for an engaging and enlightening conversation with Will Butler.

Tune into this YSecurity.io production to explore the captivating journey of a red team leader who transformed a youthful curiosity into a career dedicated to advancing security practices and protecting organizations from cyber threats.

In this enlightening episode of a YSecurity.io production, we're joined by Ben, a versatile software engineer with a rich background in computer security. Having navigated a diverse career path that spans startups, major tech companies, research labs, and intelligence agencies, Ben brings a unique perspective to the table. He shares his journey into the world of security, recounting the experiences, challenges, and milestones that have shaped his career.

Ben delves into how he discovered his passion for security and the pivotal moments that guided his path through the industry's various sectors. His insights into the evolution of his roles offer listeners a glimpse into the dynamic and multifaceted nature of working in cyber security and threat intelligence.

Throughout the conversation, Ben discusses the obstacles he's encountered, both technical and personal, and how overcoming these has informed his approach to security. His stories highlight the importance of adaptability, continuous learning, and the value of diverse experiences in forging a successful career in cyber security.

Looking to the future, Ben shares his thoughts on the direction of Threat Intelligence and Cyber Security. He discusses emerging trends, the increasing significance of proactive defense mechanisms, and how the industry can evolve to address the growing sophistication of cyber threats.

Listeners will come away with a deeper understanding of the cyber security field from someone who has witnessed its evolution firsthand and contributed to its development. Ben's experiences underscore the importance of diversity in thought and background in enriching the security domain and driving innovation.

Tune into this YSecurity.io production for a compelling journey through the cyber security landscape with Ben. Whether you're an aspiring security professional, a seasoned expert, or simply intrigued by the complexities of protecting digital assets in an ever-changing threat environment, this episode promises valuable insights into the challenges and opportunities that lie ahead in the realm of cyber security and threat intelligence.