The Security Podcast of Silicon Valley, a YSecurity.io Production

In this engaging episode of a YSecurity.io production, we sit down with Aaron Painter, CEO of Nametag Inc, to explore the cutting-edge future of authentication. As we delve into the concept of "Sign in with ID," Aaron shares his vision for a world where traditional passwords and device-based authentication methods are replaced with a more secure, trusted, and user-friendly alternative.

Aaron provides a deep dive into how Nametag Inc is leading the charge in revolutionizing the way we think about securing our digital identities. Through the innovative "Sign in with ID" approach, Aaron discusses the potential to enhance privacy, reduce fraud, and streamline user experiences across the digital landscape.

Listeners will gain insights into the challenges and opportunities presented by current authentication methods and how Nametag's solutions aim to address these issues head-on. Aaron's expertise and passion for improving digital security shine through as he outlines the technical and societal implications of adopting ID-based authentication systems.

This conversation is not just about the future of authentication; it's a glimpse into the potential for technology to create more secure and efficient interactions in our increasingly digital world. Aaron's thoughtful analysis and forward-looking ideas offer valuable perspectives for anyone interested in the future of digital security, privacy, and user experience.

Tune into this YSecurity.io production for an enlightening conversation with Aaron Painter. Whether you're a tech enthusiast, a security professional, or someone curious about the next generation of authentication technologies, this episode offers a compelling look at how "Sign in with ID" could transform the way we access and protect our online presence.

In this enlightening episode of a YSecurity.io production, we delve into the transformative world of authorization with Anders Eknert, whose journey to Styra is marked by deep insights and vast experience. Anders guides us through the evolution of authorization, addressing the pivotal question, "What are you allowed to do?" and illustrating how the landscape is shifting away from the chaotic "wild-wild-west" towards more structured, secure, and efficient frameworks.

Anders shares his journey, highlighting key experiences that have shaped his understanding and approach to authorization. With a focus on best practices, he explores the complexities of managing permissions and access in today's digital environments. Through his work at Styra, Anders is at the forefront of developing solutions that not only enhance security but also improve operational agility and compliance.

Listeners will gain a comprehensive understanding of the challenges and advancements in authorization technology. Anders' expertise illuminates the path toward more sophisticated and user-centric authorization models, emphasizing the importance of clear policies, automation, and the role of open-source projects like Open Policy Agent (OPA) in driving the industry forward.

This episode offers a unique opportunity to learn from one of the leading voices in the field of authorization. Whether you're a security professional, a developer navigating access control in your applications, or simply interested in the future of digital security and governance, Anders' insights provide valuable perspectives on the evolution of authorization practices.

Join us in this YSecurity.io production for a fascinating conversation with Anders Eknert. For those interested in reaching out or learning more about Styra's approach to authorization, Anders can be contacted at anders@styra.com. This episode is a must-listen for anyone looking to stay ahead in the rapidly evolving world of digital security and authorization.

In this episode of a YSecurity.io production, we're privileged to have Sean Cassidy, the Head of Security at Asana, share the wealth of knowledge and experience he's accumulated in building leading security teams and developing impactful security products. Sean takes us on a journey through his career, offering an insider's view on the challenges and triumphs of establishing a culture of security excellence within an organization.

Listeners will be treated to Sean's stories from the trenches—lessons learned from both successes and setbacks. He delves into the strategies that have enabled him to assemble outstanding security teams, emphasizing the importance of diversity, continuous learning, and fostering an environment where innovation thrives.

Beyond team building, Sean discusses the intricacies of creating security products that not only protect but also enhance user experience. He shares insights into the balance between security and usability, the role of security in product design, and how Asana approaches these challenges to deliver solutions that businesses trust.

This episode offers valuable lessons for anyone interested in the art and science of security leadership and product development. Whether you're a budding security professional, a seasoned expert, or simply fascinated by the behind-the-scenes work that goes into protecting digital spaces, Sean's experiences provide a roadmap for excellence in the security domain.

Join us on this YSecurity.io production for an engaging and enlightening conversation with Sean Cassidy. Explore the journey of building security teams that make a difference and the process of crafting products that stand the test of today's security challenges.

In this thrilling episode of a YSecurity.io production, we sit down with Will Butler, a seasoned security expert whose journey into the world of red teaming began with an audacious hack of airport security systems in his youth. This pivotal moment not only sparked Will's passion for security but also set him on a path to becoming a formidable figure in the field of penetration testing and red teaming.

Will shares his fascinating transition from a curious youngster with a knack for finding security loopholes to a professional dedicated to safeguarding organizations against cyber threats. He delves into the various facets of red teaming, explaining the different types of red teams and the unique value they bring to businesses through penetration testing. Listeners will gain an insider's perspective on what constitutes a successful attack and the creative, unconventional thinking required to unearth vulnerabilities.

The conversation also touches on the critical importance of diversity within red teams. Will argues that a broad range of perspectives and experiences is crucial for success in this field, enhancing the team's ability to think outside the box and anticipate the myriad ways an attacker might breach security defenses.

Moreover, Will addresses the ethical and moral dilemmas that penetration testers often face. He discusses the fine line between hacking for security enhancement and the potential for misuse of skills, emphasizing the importance of ethical guidelines and professional integrity in the practice of red teaming.

This episode is a treasure trove for anyone intrigued by the art and science of cybersecurity, offering deep insights into the challenges, strategies, and ethical considerations of red teaming and penetration testing. Whether you're an aspiring security professional, a seasoned expert, or simply fascinated by the world of cybersecurity, join us for an engaging and enlightening conversation with Will Butler.

Tune into this YSecurity.io production to explore the captivating journey of a red team leader who transformed a youthful curiosity into a career dedicated to advancing security practices and protecting organizations from cyber threats.

In this enlightening episode of a YSecurity.io production, we're joined by Ben, a versatile software engineer with a rich background in computer security. Having navigated a diverse career path that spans startups, major tech companies, research labs, and intelligence agencies, Ben brings a unique perspective to the table. He shares his journey into the world of security, recounting the experiences, challenges, and milestones that have shaped his career.

Ben delves into how he discovered his passion for security and the pivotal moments that guided his path through the industry's various sectors. His insights into the evolution of his roles offer listeners a glimpse into the dynamic and multifaceted nature of working in cyber security and threat intelligence.

Throughout the conversation, Ben discusses the obstacles he's encountered, both technical and personal, and how overcoming these has informed his approach to security. His stories highlight the importance of adaptability, continuous learning, and the value of diverse experiences in forging a successful career in cyber security.

Looking to the future, Ben shares his thoughts on the direction of Threat Intelligence and Cyber Security. He discusses emerging trends, the increasing significance of proactive defense mechanisms, and how the industry can evolve to address the growing sophistication of cyber threats.

Listeners will come away with a deeper understanding of the cyber security field from someone who has witnessed its evolution firsthand and contributed to its development. Ben's experiences underscore the importance of diversity in thought and background in enriching the security domain and driving innovation.

Tune into this YSecurity.io production for a compelling journey through the cyber security landscape with Ben. Whether you're an aspiring security professional, a seasoned expert, or simply intrigued by the complexities of protecting digital assets in an ever-changing threat environment, this episode promises valuable insights into the challenges and opportunities that lie ahead in the realm of cyber security and threat intelligence.

In this episode of a YSecurity.io production, we have the pleasure of speaking with Biff W. Clark, the Managing Partner and Cyber Security Consultant of Coefficient Technologies LLC. With an impressive career spanning over 25 years in sales and sales leadership, including 15 years dedicated to consulting on information technology and cyber security solutions, Biff brings a wealth of knowledge and experience to the conversation.

Biff shares his journey from obtaining a BA in Business Management from Midland University to earning an MS in Cyber Security, Cyber Operations from Utica College. His passion for cyber security is matched only by his commitment to community and education, as evidenced by his roles with The Hidden Genius Project, Mindblown Labs, and Telescopic Ventures. Biff discusses the importance of mentoring the next generation, particularly black male youth, in technology, leadership, and entrepreneurship.

Listeners will gain insights into the evolving landscape of cyber security, the challenges businesses face in protecting their digital assets, and the innovative solutions that can help mitigate these risks. Biff's experience in selling and consulting provides a unique perspective on how companies can navigate the complex world of information security.

In addition to his professional achievements, Biff's involvement in non-profits and advisory roles highlights the intersection of technology, education, and social impact. He speaks on the significance of financial education through gamification and the potential of emerging technologies to transform industries and societies.

Join us in this YSecurity.io production for an inspiring and informative discussion with Biff W. Clark. Whether you're a cyber security professional, a technology enthusiast, or someone interested in the broader implications of digital security on society, this episode offers a comprehensive look at the challenges and opportunities in the field, underscored by Biff's dedication to making a difference both within and beyond the cyber security community.

Listeners interested in learning more about Biff's work or reaching out for consulting services can contact him at bwclark@coefficient.us. This episode is a must-listen for anyone looking to deepen their understanding of cyber security's current state and future directions, all through the lens of a seasoned expert and community leader.

Join us for an engaging episode of a YSecurity.io production featuring Paul Nguyen, the Co-Founder and Co-CEO of Permiso Security. Paul brings a wealth of knowledge and innovative insights from his journey in the cybersecurity industry, particularly in enhancing security posture and protecting against evolving threats.

In this conversation, Paul shares the story behind founding Permiso Security, highlighting the challenges and opportunities that led to the creation of a company dedicated to redefining how businesses approach their cybersecurity strategies. With a focus on leveraging cutting-edge technologies and methodologies, Paul discusses Permiso Security's mission to empower organizations with comprehensive insights and controls to navigate the complex digital landscape securely.

Listeners will dive into the nuances of building a cybersecurity startup, from identifying market needs to developing solutions that address the sophisticated tactics employed by modern threat actors. Paul also sheds light on the importance of fostering a culture of security awareness and resilience, emphasizing the role of leadership in cultivating environments where security is prioritized and integrated into every aspect of business operations.

Moreover, Paul offers his perspective on the future of cybersecurity, including emerging trends and how companies can stay ahead of threats by adopting proactive and intelligence-driven security measures. His insights provide valuable guidance for businesses of all sizes looking to enhance their security posture in an increasingly interconnected world.

Tune into this YSecurity.io production for a fascinating discussion with Paul Nguyen. Whether you're a cybersecurity professional, business leader, or tech enthusiast, this episode offers a deep dive into the strategies and innovations shaping the future of security. Join us as we explore the journey of Permiso Security and the vision driving its mission to protect and empower the digital enterprise.

In this insightful episode of a YSecurity.io production, we're joined by Dan Sherry, Founder and CEO, and Grace Chi, Co-Founder and COO, of Pulsedive, for an in-depth discussion on the pivotal role of Threat Intelligence in today's cybersecurity landscape. Dan and Grace share their journey of building Pulsedive, a platform dedicated to simplifying complex data problems in security and the instrumental role of community feedback in shaping their solutions.

The conversation kicks off with Dan and Grace explaining the genesis of Pulsedive and their mission to make Threat Intelligence accessible and actionable for organizations of all sizes. They delve into the challenges businesses face in understanding and leveraging threat data, emphasizing how Pulsedive's innovative approach transforms overwhelming data streams into clear, concise insights.

Listeners will gain an understanding of the nuances of Threat Intelligence, including how it can proactively protect against emerging threats and inform strategic security decisions. Dan and Grace highlight the importance of community-driven development, sharing how user feedback and collaboration have been crucial in refining Pulsedive's offerings to meet the evolving needs of the cybersecurity community.

Moreover, the discussion explores the balance between automation and human expertise in analyzing threat data, the significance of a dynamic and adaptive security posture, and how Pulsedive is contributing to a more secure digital ecosystem through education and empowerment.

Join us on this YSecurity.io production for a compelling conversation with Dan Sherry and Grace Chi. Whether you're a cybersecurity professional seeking to enhance your organization's defense mechanisms, a technology enthusiast curious about the latest trends in Threat Intelligence, or someone interested in the intersection of community collaboration and security innovation, this episode provides valuable insights into making complex data problems simple and the critical role of community feedback in achieving security success.

Tune in to explore how Pulsedive is leading the charge in demystifying Threat Intelligence and shaping the future of cybersecurity through community-driven innovation.

Dive into the intersection of cybersecurity, military discipline, and endurance sports in this episode of a YSecurity.io production featuring Robert Rounsavall, Co-Founder and President of Trapezoid Inc. Robert's journey from a childhood fascination with security, through a distinguished military career, to leading innovation in firmware security, provides a compelling narrative of resilience, innovation, and leadership.

In this interview, Robert shares pivotal experiences from his youth that sparked his interest in security, laying the foundation for a career that spans both the high-stakes worlds of military operations and cutting-edge technology. His insights into the challenges and rewards of working in security architecture, particularly within large datacenter and cloud provider spaces, highlight the complexities of protecting digital infrastructure at scale.

Robert's military background as a Navy Crypto-Linguist Chief Petty Officer, combined with his leadership in incident response for enterprise and federal government organizations, showcases the depth of his expertise and the breadth of his impact on national security. His contributions extend beyond operations, as evidenced by his patent for a large-scale network security system, authorship in the Computer and Information Security Handbook, and involvement in key industry initiatives like the Open Data Center Alliance.

Drawing an intriguing parallel between the perseverance required in startups, security, and Ultramarathon running, Robert offers a unique perspective on the endurance, determination, and strategic thinking that define success in each of these domains. This comparison not only sheds light on his personal philosophy but also serves as inspiration for professionals navigating the long-distance challenges of the cybersecurity field.

Listeners will gain not only an appreciation for the technical intricacies of firmware security and cloud computing but also a deeper understanding of the leadership qualities that drive innovation and resilience in the face of evolving threats.

Join us for an engaging and insightful conversation with Robert Rounsavall. Whether you're a cybersecurity enthusiast, a veteran, an aspiring leader, or someone intrigued by the parallels between physical and cyber endurance, this episode offers a rich exploration of the skills and mindset required to excel in both the digital and physical arenas.

In this compelling episode of a YSecurity.io production, Michael Malone, the visionary Founder and CEO of SmallStep, takes us on a deep dive into the critical realms of Identity, Certificates, X.509, and Authentication. Michael unfolds the journey of SmallStep, from its initial focus on Authorization to its strategic pivot towards Authentication, highlighting the evolutionary path of the company and its contribution to enhancing digital security.

Michael recounts the origins of SmallStep, sharing the story of its humble beginnings and the pivotal moments that led to its reorientation towards Authentication. This shift underscores the dynamic nature of the cybersecurity landscape and SmallStep's agile response to emerging needs and challenges.

Beyond the technicalities of digital security, Michael delves into his underlying philosophy of hiring, work ethics, and business development. He emphasizes the importance of assembling a team that not only possesses the requisite technical skills but also shares a common vision and commitment to advancing cybersecurity solutions. Michael's pragmatic approach to building a business is rooted in a clear understanding of the market, customer needs, and the continuous pursuit of innovation.

Listeners will gain insights into the complexities of managing digital identities and the critical role of certificates and authentication mechanisms in securing online interactions. Michael's expertise sheds light on the significance of robust authentication processes and the ways in which SmallStep is contributing to a more secure digital future, one small step at a time.

Join us for an engaging and enlightening conversation with Michael Malone. Whether you're a cybersecurity professional, a technology enthusiast, or someone interested in the intricacies of digital identity management, this episode offers a comprehensive look into the challenges and solutions at the forefront of securing the digital landscape.

Tune in to explore how SmallStep is navigating the cybersecurity ecosystem, the philosophical and practical considerations behind building a tech company, and the steps being taken toward realizing a more secure future for digital identities and transactions.