WE'RE IN!
Synack
All episodes
Best episodes
Top 10 WE'RE IN! Episodes
Goodpods has curated a list of the 10 best WE'RE IN! episodes, ranked by the number of listens and likes each episode have garnered from our listeners. If you are listening to WE'RE IN! for the first time, there's no better place to start than with one of these standout episodes. If you are a fan of the show, vote for your favorite WE'RE IN! episode by adding your comments to the episode page.
02/28/24 • 31 min
Dennis Fisher, editor-in-chief at Decipher, reflects on his journalism career covering cybersecurity for more than two decades in the latest episode of the WE’RE IN! cybersecurity podcast. He began in 2000, covering email before transitioning to security. Soon his focus shifted to vulnerability reporting, including blockbuster bugs in Windows and Internet Explorer. This led to Microsoft's trustworthy computing memo and significant changes in the software industry.
Dennis also discusses the challenges of cybersecurity journalism and the importance of democratizing information.
Listen to hear more about:
- The overlap between cybercrime and traditional organized crime and the impact of cryptocurrency
- Dennis’s interest in crime novels and the challenges of incorporating his background into his own books
- The surprising topic Dennis would cover if he wasn’t focused on security
09/19/24 • 30 min
Jen, a former military professional turned hacker, shares her journey into cybersecurity and her experiences with the Synack Red Team in the latest episode of WE’RE IN! She transitioned from fixing security issues to actively seeking vulnerabilities, inspired by her brother and motivated by her experiences at the storied hacker conference, DEF CON. Jen emphasizes the importance of skill development and preparation for women entering the male-dominated cybersecurity field, and discusses her preferred hacking tools and techniques.
In this episode of WE’RE IN!, Jennifer gives her take on AI in penetration testing, suggesting it should be used as a tool for initial reconnaissance but not for exploiting vulnerabilities.
Listen to hear more about:
- Why all of Jennifer’s smart home devices’ warranties are voided
- How anyone can be a hacker by following the Open Source Intelligence methodology to find vulnerabilities
- The importance of producing high-quality work and going above and beyond to gain trust in the pentesting industry
08/08/23 • 31 min
The next generation of cybersecurity leaders have a vision for the future of cybersecurity. Facing advanced nation-state threats, the breakneck speed of tech innovation and a deluge of zero days, Lauren Zabierek is moving the dial on workforce diversity to tackle these challenges. Lauren, senior policy advisor for Cybersecurity and Infrastructure Security Agency and co-founder of #ShareTheMicInCyber, is also helping organizations “shift left” by integrating security principles into the innovation process.
Don’t miss the latest episode of WE’RE IN! to hear Lauren’s insights into why cybersecurity job descriptions are broken and how talking to everyday people can build the pipeline of cyber talent.
----------
Listen to learn more about:
Which cybersecurity story she’d like to see made into a Christopher Nolan movie
Why she believes “diversity is national security”
How she ended up with Ms. magazine bylines
09/10/21 • 30 min
In this episode, Nick Merrill, a research fellow at the UC Berkeley Center for Long-Term Cybersecurity, makes a cybersecurity case for nationalizing major CDNs such as Cloudflare, issues some pretty stark warnings about the dangers of machine learning, and digs into why stereotypical images of hackers in hoodies doesn’t help anyone. His viewpoints are sobering if not controversial and worth listening to for anyone who cares about the future of the global internet.
---------
Why you should listen:
Get a fresh perspective on some of the biggest risks to the global web: unchecked algorithmic bias, the risk of attacks on massive CDNs, and the growing internet fragmentation.
Consider some of the boldest ideas from one of the sharpest thinkers when it comes to how policymakers can make fundamental changes to protect the internet.
Hear Nick’s take on why art matters in cybersecurity -- and why stereotypical images of hackers in hoodies harm the public’s perceptions of information security.
Learn more about Fairness, Accountability and Transparency in Machine Learning and the growing movement to look more critically at the hidden algorithms that control the internet and much of technology today.
Consider how ransomware takedowns and other large-scale cyberattacks such as Colonial Pipeline erode public trust in technology.
Get a better understanding of why diversity in the cybersecurity industry matters when it comes to identifying real-world threats.
---------
Key Quotes:
“That power over the internet is like a huge strategic asset for the U.S. It's analogous to controlling global trade.”
“Imagine a Stuxnet level attack on Cloudflare.”
“I would nationalize Cloudflare. I would make it like a national publicly-run utility company.”
“This word ‘hacker’ got so diluted. It means different things to different people. And it became this totally useless way for describing what's actually happening in security.”
“The future of cybersecurity ... is the future of machine learning.”
“The real risk of ransomware is just that it freaks people out.”
---------
Related Links:
* https://nickmerrill.substack.com/about
* https://www.synack.com/lp/enterprise-security-testing-101
08/13/21 • 38 min
In this episode, Girl Security CEO Lauren Bean Buitta discusses the importance of supporting, encouraging, and training girls for careers in cybersecurity. She gets into why it's so critical to create — and protect — pathways for young women in order to build a more diverse industry, and why that really matters when it comes to making tough national security decisions that affect the entire population. She also describes her journey into security, and what led her to start Girl Security in the first place.
----------
Why You Should Listen:
To better understand the value of gender diversity in cybersecurity.
Learn how to create trauma-informed programming that builds trust and understanding.
Discover how you can help develop new pathways for underrepresented cybersecurity talent.
Hear Lauren’s take on how identity can inform security decisions.
----------
5 Key Quotes:
“Everyone’s identity has a place in a discussion about national security because it's the most consequential field in the world.”
“What we are seeing in in our country is evidence of how long it takes to uproot any kind of systemic discrimination.”
“We are cultivating a generation of girls and women who will hopefully be more well represented in the short, near and long term and we hope that that results in more equitable national security policies of which cyber is so crucial”
“Girls and women from childhood live in a world in which they are taught to fear everything ... and we do a really good job at keeping ourselves secure.”
“We don't know what a national security field would look like where there's gender parody. What would national security look like if women were co-equally represented? I want to see what that world looks like.”
----------
Related Links:
* https://www.synack.com/were-in-synack-podcast/
* https://www.girlsecurity.org/about
* https://www.linkedin.com/in/lauren-bean-buitta/
* https://www.synack.com/trust-report/
* https://www.synack.com/lp/enterprise-security-testing-101/
11/07/24 • 35 min
The Department of Defense Cyber Crime Center (DC3) operates a Vulnerability Disclosure Program (VDP) that handles critical cybersecurity issues reported by the public, including using an actual red phone for urgent matters. In the latest episode of WE’RE IN!, Melissa Vice, director of DC3’s VDP, describes how they respond to cyberthreats and collaborate with other groups within the center, such as the Operation Enablement Directorate and cyber forensics laboratory.
Tune in to hear how the program, which began in 2016 following a successful bug bounty event, has processed over 53,000 reports, 56% of which were actionable, and resulted in nearly 30,000 remediated vulnerabilities.
Listen to learn more about:
Why VDP has been recognized by the government as a reliable and economical cybersecurity strategy
How Melissa and her team handled the notorious Log4j vulnerability
How DC3 has explored the use of AI and machine learning to enhance capabilities and scale operations
07/17/24 • 28 min
Anand Prakash on cloud security startups and next-gen hacking
Anand Prakash, founder of startup PingSafe, shares his insights on building a successful cybersecurity business and his experience as a top bug bounty hunter. He emphasizes the importance of fast execution, accountability and learning from mistakes when growing the company acquired by SentinelOne, where he’s now a senior director of product management.
In the latest episode of WE’RE IN!, Anand touches on India's prominence in global tech – particularly in security research and bug bounty programs – and he shares his personal journey into cybersecurity, which began with a curiosity about hacking at a young age in cyber cafes.
Listen to hear more about:
- How bug bounty programs have evolved, with companies now more open to ethical hacking due to increased awareness of data breaches
- The viability of government efforts to reduce entire classes of vulnerabilities like SQLi
- If AI is effective in improving red teaming and bug bounty hunting
06/26/24 • 36 min
Ads Dawson, release lead and founding member for the Open Web Application Security Project (OWASP) Top 10 for Large Language Model Applications project, has no shortage of opinions on securing generative artificial intelligence (GenAI) and LLMs. With rapid adoption across the tech industry, GenAI and LLMs are dominating the conversation in the infosec community. But Ads says the security approach is similar to other attack vectors like APIs. First, you need to understand the context of AI-related vulnerabilities and how an attacker might approach hacking a particular AI model.
In the latest episode of WE’RE IN!, Ads talks about including threat modeling from the design phase when integrating GenAI into applications, and how he uses AI in his red teaming and application security work.
Listen to hear more about:
The misuse of AI, such as creating deep fakes for financial gain or manipulating powerful systems like the stock market
The role of governments in securing the AI space and the concept of “safe” AI
How the infosec community can contribute to OWASP frameworks
06/05/24 • 32 min
Integrating security into the product development lifecycle is a tall order for any industry. It’s particularly challenging for healthcare, with its wide range of critical needs from HVAC systems to medical devices. Kevin Tambascio, director of cybersecurity data and application protection at Cleveland Clinic, juggles the need for constant vigilance and staying updated on fast-moving threats to hospitals.
In the latest episode of WE’RE IN!, Kevin discusses the importance of compliance and risk assessment, noting that while compliance with rules like HIPAA is crucial, it's equally important to pressure test controls against real-world threats. Ransomware targeting hospital data is the primary threat, while phishing and potential abuse of generative AI also pose significant risks.
Listen to hear more about:
- The benefits of forming an AI task force to enact safe and responsible procedures while enabling clinicians and researchers to explore AI’s potential
- Effectively communicating cyber threats to non-technical staff by relating them to potential impacts on patient safety and business operations
- Application security in healthcare; applications often have access to sensitive patient health information and can be potential entry points for cyber threats
07/31/24 • 35 min
Cybersecurity has a complexity problem. A tangled web of technical, psychological, economic and geopolitical factors enable and motivate malicious actors. Michael Daniel, CEO and president of the Cyber Threat Alliance, is helping public and private organizations decode these complex motivations with information sharing, including the Ransomware Task Force.
In this episode of WE’RE IN!, Michael elaborates on his "immune system" approach for the internet, a strategy where threats are quickly identified and neutralized. But this requires robust – and highly trusted – information sharing between groups.
Listen to hear more about:
- The threat assessment for the 2024 Paris Olympics, highlighting potential threats from Russia and Azerbaijan
- The need for more resilient software systems that can degrade gracefully rather than catastrophically fail
- Michael’s thoughts on industry diversification and the value of different viewpoints in tackling cybersecurity challenges
Show more best episodes
Show more best episodes
FAQ
How many episodes does WE'RE IN! have?
WE'RE IN! currently has 63 episodes available.
What topics does WE'RE IN! cover?
The podcast is about Information Security, Security, Tech, Management, Hacking, Podcasts, Technology, Information, Digital, Cyber, Business, Hacker and Cybersecurity.
What is the average episode length on WE'RE IN!?
The average episode length on WE'RE IN! is 36 minutes.
How often are episodes of WE'RE IN! released?
Episodes of WE'RE IN! are typically released every 16 days.
When was the first episode of WE'RE IN!?
The first episode of WE'RE IN! was released on Jul 12, 2021.
Show more FAQ
Show more FAQ