BarCode

"Revelation" is about exposing what’s hidden: Vulnerabilities, Truths, and the role of hackers in revealing them.In this conversation, Casey John Ellis, founder of Bugcrowd, shares his journey from a curious child fascinated by technology to a pioneer in crowdsourced security. He discusses the evolution of bug bounty programs, the importance of community in cybersecurity, and the challenges of scaling a startup. Casey also emphasizes the need for good faith hackers, the role of AI in security, and the importance of mentorship in entrepreneurship. He reflects on the changing landscape of cybersecurity and the necessity for collaboration between generations in the field. 00:00 - Introduction and Technical Challenges 02:02 - Casey Ellis: A Journey into Hacking 04:50 - Pioneering Crowdsourced Security with Bug Crowd 07:36 - Building a Community of Hackers 10:36 - Scaling Bug Crowd: Achievements and Growth 13:35 - Unexpected Bug Bounty Submissions 16:32 - Testing Infrastructure: Virtualization and Real-World Applications 19:14 - Advocating for Good Faith Cybersecurity Research 22:11 - Government Engagement and Cyber Policy 25:03 - Adapting to the Current Threat Landscape 26:41 - The Evolving Landscape of Cybersecurity 29:58 - AI and Human Collaboration in Security 34:22 - The Gray Areas of Cyber Ethics 39:50 - Lessons in Entrepreneurship and Leadership 44:17 - Generational Shifts in Cybersecurity Media 46:40 - Finding Balance: Hobbies and Downtime 48:24 - Imagining a Cybersecurity-Themed Bar SYMLINKS[ Casey John Ellis Blog - https://cje.io ]The personal website of Casey John Ellis, featuring his writings and insights on cybersecurity, hacker rights, and vulnerability research. [ LinkedIn - https://www.linkedin.com/in/caseyjohnellis ]Casey’s professional profile where he shares career updates and connects with the cybersecurity community. [ Bluesky - https://caseyjohnellis.bsky.social ]Casey’s Bluesky account for sharing thoughts and engaging with the infosec community. [ Mastodon - https://infosec.exchange/@caseyjohnellis ]Casey’s Mastodon profile on Infosec Exchange, where he posts updates and insights for the federated social community. [ X/Twitter - https://x.com/caseyjohnellis ]Casey’s main microblogging profile where he actively shares cybersecurity insights and hacker advocacy. [ Linktree - https://linktr.ee/caseyjohnellis ]A hub linking to all of Casey’s active social profiles and resources. [ BugCrowd - https://www.bugcrowd.com ]A leading crowdsourced security platform that connects organizations with a global hacker community to find and fix vulnerabilities. [ Disclose.io - https://disclose.io ]An open-source project standardizing best practices for vulnerability disclosure programs, enabling safe collaboration between researchers and organizations.

Recorded Live from Las Vegas, NV on 8/7/25Sponored By:MongoDBThreatLockerLogic Hazard LabsElisityBedrock DataMimic

Ted Harrington explains the power of the hacker mindset and its impact far beyond cybersecurity. He unpacks how curiosity, creativity, and the drive to challenge assumptions can unlock new ways of thinking and problem-solving across all areas of life. Ted offers practical exercises to develop this mindset, shares strategies to overcome imposter syndrome, and highlights the importance of leaning into positive feedback. He also previews the energy and innovation surrounding the upcoming Hacker Summer Camp and the thriving community that powers it.00:00 Introduction to the Hacker Mindset 04:50 The Attributes of a Hacker 10:04 Challenging Assumptions in Life 14:37 Exercises to Cultivate a Hacker Mindset 19:31 Upcoming Book Release and Conclusion 19:51 The Journey of Writing: From First to Second Book 24:17 Overcoming Imposter Syndrome: Strategies and Insights 34:29 Hacker Summer Camp: Celebrating a Decade of IoT Village 36:55 Creative Concepts: Cybersecurity-Themed Bar Ideas SYMLINKS [Ted Harrington’s Website] – Ted Harrington’s official website where you can find his blog, professional background, talks, research, and links to his books, podcast, and events. A central hub for his work in cybersecurity and ethical hacking. [Ted Harrington’s Podcast – “Tech Done Different”] – Ted's podcast explores how to think differently about technology, security, and leadership. He interviews top minds in security, engineering, and beyond. [Ted Harrington’s Books] – A showcase of Ted’s published works, including Hackable and the upcoming Inner Hacker, both of which explore ethical hacking, secure software development, and mindset transformation. [Ted Harrington’s TED Talk – “Why You Need to Think Like a Hacker”] – In this TEDx talk, Ted explains how the hacker mindset—curiosity, nonconformity, commitment, and creativity—can be a superpower in solving complex problems in both cybersecurity and everyday life. [Ted Harrington on LinkedIn] – Ted’s professional LinkedIn profile, where he regularly shares insights on ethical hacking, leadership, and secure software. He’s active and encourages messages from those looking to learn or collaborate. [IoT Village Website] – A hacking village founded by Ted Harrington that focuses on IoT security. Hosted at major security conferences like DEF CON, it offers hands-on labs, expert talks, and a collaborative space for learning how to ethically hack IoT devices.

In this conversation, Chris Glandon interviews Josh Mason, a Solutions Architect at CINAC and founder of Newb Village. They discuss Josh's journey from being a U.S. Air Force pilot to entering the cybersecurity field, his motivation behind creating Newb Village to support newcomers in the industry, and his new book 'Speak Security with a Business Accent'. They also explore the role of SYNAC in cybersecurity and share insights on creating a welcoming environment for new professionals in the field. The conversation wraps up with a light-hearted discussion about unique bars and venues in the cybersecurity community.00:00 Josh Mason's Journey into Cybersecurity08:38 The Birth of Noob Village20:02 Speak Security with a Business Accent26:59 Transforming Technical Language for Business Impact30:01 Understanding Metrics for Different Audiences33:15 Aligning Business Goals with Security Metrics36:49 Insights into SYNAC and Its Offerings47:22 Exploring Unique Bars and Venues48:37 Imagining a Cybersecurity-Themed BarSYMLINK[Noob Village] - An inclusive space at DEF CON is designed to welcome and guide newcomers in the cybersecurity community. It offers resources like pamphlets, volunteers (“buddies”), and a booth called “No Stupid Questions” to support first-time attendees.Noob Village LinkedIn Page –A LinkedIn organization page with updates about volunteer calls, community news, and DEF CON involvement .[Joshua C. Mason – LinkedIn] - A cybersecurity leader and vCISO profile with extensive experience, offering insights on Noob Village, initiatives for veterans, and IT-to-security career development. Frequently shares event involvement (like DEF CON), mentorship tips, and professional updates.[Joshua C. Mason – Website] – Josh’s professional website for Mason Security Consulting (Mason SC), where he offers vCISO services, cybersecurity consultancy, and insights from his military and IT background.[Mason SC Book Page] - Josh Mason's personal site, where signed copies of his book are available. The book includes cybersecurity leadership insights drawn from his experiences in the Air Force and IT.[Onward to Opportunity – A career training program for veterans, offering free training and certification opportunities in areas like project management and IT, including PMP and CISSP prep.[Synack] - A cybersecurity company offering “pen test as a service.” It connects clients with vetted ethical hackers using a managed platform to identify exploitable vulnerabilities efficiently.

In this engaging conversation, Chris Glanden interviews Kevin Johnson, a seasoned expert in IT and cybersecurity. Kevin shares his extensive journey from system administration to becoming a leader in penetration testing and ethical hacking. He emphasizes the importance of hands-on learning, the evolution of penetration testing standards, and the role of open source in the industry. The discussion also touches on the significance of community, acknowledgment, and charity work in cybersecurity, along with personal anecdotes and insights into the future of the field.00:00 Introduction to Kevin Johnson03:39 Kevin's Journey in IT and Security06:29 The Evolution of Penetration Testing09:35 Transitioning from IT to Security12:30 The Importance of Hands-On Learning15:28 Involvement in Open Source Projects18:38 The Role of Mentorship in Career Development21:14 Ethical Hacking and Its Misconceptions24:23 The Future of Cybersecurity27:27 Understanding Risk in Cybersecurity29:14 The Evolution of Penetration Testing Standards31:00 The Human Element in Penetration Testing32:46 The Challenges of Automated Pen Testing35:26 Transparency and Knowledge Sharing in Cybersecurity39:36 Standing on the Shoulders of Giants44:41 The Importance of Acknowledgment and Gratitude48:26 The 501st Legion: Charity Through Cosplay53:08 Creating a Cybersecurity-Themed BarSYMLINKS[Secure Ideas Website] Kevin Johnson’s cybersecurity consulting and training firm, offering penetration testing, security assessments, and educational resources. It also hosts blog posts and tools created by the Secure Ideas team.[Kevin Johnson on LinkedIn] Kevin’s professional LinkedIn profile, where he shares insights on cybersecurity, career development, and industry leadership.[@secureideas on Twitter (X)] – Kevin’s Twitter/X account, where he frequently shares thoughts on InfoSec, pen testing practices, open-source contributions, and industry transparency.[Samurai WTF (Web Testing Framework)] – An open-source Linux distribution for web application penetration testing. Co-created and taught by Kevin, this toolkit helped train thousands of security professionals in hands-on ethical hacking.[BASE (Basic Analysis and Security Engine)] – A fork of the discontinued ACID project for Snort, created by Kevin to continue development and improve IDS event analysis. This project marked a pivotal moment in his open-source journey.[SANS Institute] – A premier cybersecurity training organization where Kevin became a senior instructor, authored multiple courses, and earned the GCIA, GCIH, and GCFA certifications that shaped his professional trajectory.[Penetration Testing Execution Standard (PTES)] – http://www.pentest-standard.orgAn industry-defined standard for performing thorough and ethical penetration tests. Kevin is actively involved in modernizing this standard to reflect current tools, risks, and methodologies.[OWASP (Open Worldwide Application Security Project)] – A nonprofit organization focused on improving software security. Kevin previously served on the global board and has long supported OWASP's community-driven tools and educational efforts.

In this engaging conversation, Chris Glanden speaks with Pat Gorman AKA InfoSec Pat, a cybersecurity professional with over 12 years of experience. Pat shares his unique journey into the cybersecurity field, discussing his early life, career transitions, and the importance of certifications. He emphasizes the need for practical skills and the value of community engagement in the cybersecurity space. The discussion also touches on the challenges faced by newcomers in the industry and the significance of clear, accessible content for learning. Pat's candid insights and personal anecdotes provide a relatable perspective on navigating the cybersecurity landscape. 00:00 Introduction to Barcode Podcast 01:02 InfoSec Pat's Journey into Cybersecurity 04:42 Transitioning from IT to Cybersecurity 10:24 The Importance of Hands-On Learning 16:50 Demystifying Cybersecurity for Newcomers 21:18 Exploring Career Paths in Cybersecurity 27:45 Lessons Learned from Certification Experiences 30:54 The Journey to Certification 34:44 The Fallout with Offensive Security 36:40 Navigating the Certification Landscape 38:00 The Importance of Practical Skills 41:45 Essential Soft Skills for Pen Testing 45:20 Building a Personal Brand and Community Engagement 48:10 Overcoming Adversity and Personal Growth 52:05 Unique Experiences and Future Aspirations SYMLINKS[InfoSec Pat - YouTube Channel] - Pat Gorman’s YouTube channel where he publishes tutorials, walkthroughs, and educational videos on cybersecurity, penetration testing, and lab setups. [InfoSec Pat - Linktree] - Central hub for all of Pat Gorman’s social platforms, courses, YouTube channel, and other professional links. [InfoSec Pat - Official Website] - Pat Gorman’s official website featuring cybersecurity tutorials, online courses, certifications, and resources for professionals looking to enter or grow in the cybersecurity field. [InfoSec Pat - Merchandise Store] - Official online merchandise store offering InfoSec Pat branded apparel and accessories, designed for fans and members of the cybersecurity community. [InfoSec Pat - Facebook Group: Learn Together with InfoSec Pat] - A public Facebook group led by InfoSec Pat, created for cybersecurity learners and professionals to network, share knowledge, and grow their skills together through community support.

In this conversation, FIlipi Pires shares his journey into cybersecurity, reflecting on his experiences at HackSpaceCon and discussing the importance of community and continuous learning. He emphasizes the critical issue of misconfigurations in identity management and the need for organizations to understand their vulnerabilities, particularly with legacy systems. Felipe also highlights the evolving nature of threats and the importance of being proactive in security measures. He provides insights into the future of red teaming and offers guidance for aspiring professionals in the field. In this conversation, Filipi Pires discusses the journey of growth in the cybersecurity field, emphasizing the importance of patience and continuous learning. He shares insights about his role at Segura, a company focused on identity solutions, and highlights the significance of community engagement. The discussion also touches on cultural aspects, including Brazilian cuisine and personal preferences, showcasing Filipi's vibrant personality and passion for his work.00:00 Introduction to Filipi Pires02:09 Reflections on HackSpaceCon05:03 Felipe's Journey into Cybersecurity11:01 Learning and Skill Development in Cybersecurity17:02 Current Trends and Misconfigurations in Cybersecurity19:38 Staying Current in Cybersecurity22:52 Understanding Threats and Attack Vectors28:46 The Future of Red Teaming32:46 Guidance for Aspiring Red Teamers36:44 The Journey in Cybersecurity43:59 Understanding Segura and Its Mission45:12 Connecting with the Community50:07 Cultural Insights and Personal Preferences SYMLINKS [Filipi Pires - Official Website] - https://filipipires.comFilipi Pires’ personal website, showcasing his professional background, speaking engagements, research, and cybersecurity insights. It serves as a central hub for his content, blog posts, and community contributions. [Filipi Pires on GitHub] - https://github.com/philip86Filipi Pires’ GitHub profile where he shares open-source tools, projects, and potentially his upcoming event schedule. It's a place to follow his latest contributions to the cybersecurity community. [Filipi Pires on LinkedIn] - https://www.linkedin.com/in/filipipiresFilipi’s professional profile for connecting with him and following his cybersecurity insights, talks, and global engagements. [Filipi Pires on YouTube] - https://www.youtube.com/@filipi-piresFilipi’s YouTube channel featuring his recorded conference talks and cybersecurity presentations in Portuguese, Spanish, and English. [Burp Suite Academy] - https://portswigger.net/web-securityA free, hands-on learning platform created by PortSwigger that teaches web application security using the Burp Suite tool. Recommended by Filipi Pires as a foundational resource for aspiring red teamers and web security professionals. [TryHackMe] - https://tryhackme.com An interactive platform offering cybersecurity labs and learning paths focused on offensive and defensive security. Filipi recommends it for hands-on practice in red teaming and hacking fundamentals. [Hack The Box] - https://www.hackthebox.comA cybersecurity training platform that allows users to practice penetration testing skills in virtual environments. Mentioned as a useful resource for practical skill development in red teaming and ethical hacking.

In this conversation, Dr. Fred Heiding discusses theintersection of cybersecurity and AI threats, sharing insights from his research at Harvard's Belfer Center. He emphasizes the importance of collaboration in cybersecurity, the risks of isolationism, and the need for more technical talent in policy-making. The discussion also covers national cybersecurity strategies and the challenges of implementing effectiveframeworks. In this conversation, Fred Heiding discusses the critical need for technical expertise in policy-making, emphasizing the importance of quantifying cybersecurity risks for effective decision-making. He highlights globalstrategies, particularly Japan's approach to cybersecurity for vulnerable populations, and the necessity of measuring the impact of cybersecurity initiatives. The discussion also touches on personal insights, including Heiding's love for surfing and the idea of a cybersecurity-themed bar, showcasing a blend of professional and personal perspectives. 00:00 - Introduction to Cybersecurity and AI Threats 04:46 - Fred Heiding's Journey in Cybersecurity 07:57 - National Cybersecurity Strategies: A GlobalPerspective 10:56 - The Risks of Isolationism in Cybersecurity 13:44 - Collaboration in Cybersecurity: Challenges andOpportunities 16:40 - The Role of Academia in Cybersecurity Frameworks 19:29 - Bridging the Gap: Technical Talent in Policy Making 22:33 - Future Directions in Cybersecurity Education 27:53 - The Need for Technical Expertise in Policy Making 29:00 - Quantifying Risk in Cybersecurity 33:39 - Global Strategies in Cybersecurity 37:04 - Measuring Impact of Cybersecurity Strategies 40:24 - Personal Insights and Downtime 42:29 - The Concept of a Cybersecurity-Themed Bar SYMLINKS [LinkedIn] - linkedin.com/in/fheiding Dr. Heiding is a research fellow at both the Harvard KennedySchool’s Belfer Center for Science and International Affairs and the Harvard John A. Paulson School of Engineering and Applied Sciences. His work focuses on AI-enhanced cyberattacks, cybersecurity policy, and global cybercrimemitigation. He also collaborates with the World Economic Forum's Centre for Cybersecurity and teaches at Harvard Business School. [ Fred Heiding – Personal Website] - https://www.fredheiding.com/ Dr. Heiding's personal website outlines his mission todevelop defense systems resilient against superintelligent AI attacks. It features his research on AI-driven phishing tools, cybersecurity strategies, and the intersection of AI and human factors in security. [Black Hat] - https://www.blackhat.com An internationally recognized cybersecurity conference where experts and researchers, including Dr. Fred Heiding, present cutting-edge research on information security. Black Hat is known for its focus on deep technical content and real-world relevance. [DEF CON] - https://defcon.orgOne of the world’s largest and most notable hacker conventions, often held annually in Las Vegas. It showcases critical findings and demonstrations in cybersecurity, where researchers like Dr. Heiding share their insights. [IEEE Access] - https://ieeeaccess.ieee.org A multidisciplinary, open-access journal of the IEEE that features research from all fields of engineering and technology. Dr. Heiding's work has been published here, underlining its technical credibility. [Harvard Business Review] - https://hbr.orgA leading publication on business strategy and practice, affiliated with Harvard University. Dr. Heiding's research featured here likely emphasizes the intersection of technology, security, and organizational impact. [Harvard Kennedy School] - https://www.hks.harvard.eduA graduate school of public policy and government at Harvard University where Dr. Heiding teaches and conducts policy-relevant cybersecurity research.

In this conversation, Matthew Chavira, CEO of Profits of AI,discusses his journey in the AI industry, particularly focusing on the evolution of humanoid robots like Sophia. He explores the rapid advancements in humanoid robotics, the integration of AI capabilities, and the public's perception of these technologies. Chavira emphasizes the importance of trusted information regarding AI's societal impact and highlights the role of artists in communicating the significance of AI advancements. In this conversation, Matthew Chavira discusses the intersection of art and artificial intelligence, highlighting a unique AI sculpture that allows interaction with the history of African American women. He emphasizes the importance of evaluating AI experts and the need for unique perspectives in the field. The discussion also covers the significance of live events in sharing unconventional ideas, the ethical implications of AI, and concerns regarding transformative AI technologies. The conversation concludes with a light-hearted exchange about unique experiences and aspirations in the AI and cybersecurity landscape. 00:00 Introduction to AI and Humanoid Robotics 04:42 The Evolution of Sophia and Humanoid Robots 07:46 The Future of Humanoid Robotics 10:25 AI and Humanoid Integration 13:21 The Challenge of Distinguishing AI from Reality 16:01 Public Perception of Humanoids 18:47 Profits of AI: Bridging the Gap in AI ThoughtLeadership 21:40 The Role of Artists in AI and Society 25:11 The Intersection of Art and AI 28:41 Evaluating AI Experts and Perspectives 31:43 The Importance of Unique Perspectives in AI 33:06 The Power of Live Events 36:23 Ethics in AI and Cybersecurity 38:18 Concerns About Transformative AI 41:44 Unique Experiences and Future Aspirations SYMLINKS: [Prophets of AI – Official Website]https://prophetsofai.comThe official site of Prophets of AI, founded by Matthew Chavira. It serves as a platform to connect organizations with leading AI experts across various disciplines, offering insights into the evolving landscape of artificial intelligence. ​ [Matthew Chavira – LinkedIn Profile]https://www.linkedin.com/in/matthewchavira/Matthew Chavira's professional LinkedIn profile, detailing his roles as Founder and CEO of Prophets of AI, Global Director of AI Partnerships at the International Advertising Association, and Head of Strategic Partnerships atHanson Robotics. [Hanson Robotics – Official Website]URL: https://www.hansonrobotics.comThe company behind Sophia the robot. Hanson Robotics is a Hong Kong-based AI and robotics company dedicated to creating socially intelligent machines. Sophia has been presented at over 100 events globally and is a central figurein Chavira’s career. [Time Magazine's 100 Most Influential People in AI 2024]https://time.com/collection/time100-ai-2024/An annual list by Time Magazine highlighting the most influential figures in artificial intelligence, including innovators, leaders, and thinkers shaping the future of AI. ​ [Techstrong TV – Profits of AI Videos]https://techstrong.tv/video-tag/profits-of-aiA collection of videos featuring Matthew Chavira discussing the impact of generative AI on various industries, sustainability, and the rise of virtual avatars. ​ [HOPE Global Forums – Matthew Chavira Speaker Profile]https://hopeglobalforums.org/speaker/matthew-chavira/Matthew Chavira's speaker profile at HOPE Global Forums, detailing his expertise in AI and his role in connecting companies with thought leadership and educational programs. ​ [Thinking Heads – Matthew Chavira Speaker Profile] https://thinkingheads.com/en/speakers/matthew-chavira/ A speaker profile highlighting Matthew Chavira's contributions to AI, his leadership at Prophets of AI, and his involvement in strategic partnerships at Hanson Robotics.

In this conversation, the host Chris Glanden engages withguests Charlie Northrup and Keenan Hale to discuss advancements in AI, particularly focusing on large language models and their limitations. They explore the concept of Delta K, which refers to the transformation of knowledge, and how it relates to the predictive capabilities of AI. Thediscussion also delves into thin calculus and the category theory of things, emphasizing the need for an external truth to build sound mathematical systems. In this conversation, the speakers delve into the concepts of agentic calculusand Delta K, exploring their implications for artificial general intelligence (AGI) and the future of the economy. They discuss the observer-dependent nature of reality and how different perspectives can lead to varied interpretations ofthe same phenomena. The conversation also touches on the potential of the agentic economy to revolutionize ownership and economic dynamics, as well as the philosophical implications of waveform collapse in quantum mechanics.Overall, the discussion highlights the need for a new understanding of cognitive processing and the role of agents in shaping future interactions and economies. TIMESTAMPS: 00:00 - Introduction to the Guests and Their Expertise 02:16 - Recent Developments in AI and Technology 04:50 - Understanding Large Language Models 10:53 - Delta K and Its Limitations 16:24 - Thin Calculus and the Category Theory of Things 19:19 - Understanding Agentic Calculus 22:27 - Delta K and Its Implications for AGI 28:59 - Cognitive Processing and States of Being 36:09 - The Agentic Economy: A New Paradigm 40:25 - Waveform Collapse and Delta K 43:20 The Future of Agentic Interactions SYMLINKS: [LinkedIn - Charlie Northrup] - https://www.linkedin.com/in/charlie-northrup-1b73b051 Charlie Northrup is a technology innovator at Neewer Sciences, contributing pioneering research in agentic AI systems, thing calculus, and distributed digital ecosystems. He shares updates and insights about his work on LinkedIn. [LinkedIn - Keenan Hale] - https://www.linkedin.com/in/keenandewayne/ Keenan Hale is recognized for his interdisciplinary contributions bridging theoretical mathematics and cryptographic systems. He connects with others inthe AI and cryptography communities through LinkedIn and shares research updates and discussions. [LinkedIn - Mike Elkins] - https://www.linkedin.com/in/elkinsmike/ Mike Elkins is the Chief Human and Information Security Officer at Banffist, actively involved in discussions about cybersecurity, digital transformation, and AI-driven enterprise operations. He also speaks at major conferences like BlackHat, RSA, and SecureWorld.

In this conversation, Mike Lisi shares his journey into the cybersecurity field, detailing his early interest in computers, the challenges he faced while obtaining his OSCP certification, and his transition into consulting. He discusses the importance of understanding client needs incybersecurity assessments and his leadership role in the Red Team Village. Mike also elaborates on the NCAE Cyber Games and the design of Capture The Flag (CTF) challenges, providing insights into effective content development for cybersecurity education. The conversation concludes with Mike sharing unique experiences from cybersecurity events and his thoughts on future engagements. TIMESTAMPS: 00:00 - Introduction to Cybersecurity Journey 03:23 - The Path to OSCP Certification 06:13 - Transitioning to Consulting in Cybersecurity 09:14 - Understanding Client Needs in Cybersecurity 11:56 - Leadership in Red Team Village 14:32 - NCAE Cyber Games and CTF Design 17:26 - Creating Effective CTF Challenges 20:04 Resources for Aspiring CTF Participants 22:57 Content Development for Cybersecurity Education 25:49 Unique Experiences in Cybersecurity Events 28:25 Closing Thoughts and Future Engagements SYMLINKS: [Maltek Solutions Website] - https://malteksolutions.com/ A cybersecurity consulting firm specializing in offensive security services, penetration testing, and risk assessments, founded by Mike Lisi. [Mike Lisi LinkedIn] - https://www.linkedin.com/in/mikelisi/ Mike Lisi's official LinkedIn profile, where he shares insights on cybersecurity, offensive security consulting, and industry trends. [Red Team Village (RTV) Website] - https://redteamvillage.io A nonprofit organization dedicated to providing educational experiences in offensive security. RTV organizes workshops, talks, and training opportunities, primarily at DEF CON and other cybersecurity conferences. [Red Team Village Discord] - https://discord.com/invite/redteamvillage The official Red Team Village Discord server where members can connect, discuss offensive security topics, and stay updated on upcoming events and volunteer opportunities. [Red Team Village X (Twitter)]- https://twitter.com/redteamvillage_ RTV's official social media account for announcements, event updates, and cybersecurity-related discussions. [MetaCTF Website] - https://metactf.com A platform offering cybersecurity competitions and Capture The Flag (CTF) events designed to help participants develop their cybersecurity skills through hands-on challenges. [CTF Time Website] - https://ctftime.org A website that tracks cybersecurity Capture The Flag (CTF) competitions worldwide, providing schedules, rankings, and resources for both beginners and experienced competitors. [Hack The Box Website] - https://www.hackthebox.com A cybersecurity training platform offering hands-on, gamified hacking labs and challenges to develop penetration testing skills. [TryHackMe Website] - https://tryhackme.com An interactive cybersecurity learning platform that provides guided tutorials and virtual labs for security professionals and beginners. CONNECT WITH US ⁠ www.barcodesecurity.com⁠ Become a Sponsor Follow us on LinkedIn Tweet us at @BarCodeSecurity Email us at info@barcodesecurity.com

In this conversation, Chris Glandon interviews Derek Fisher, a cybersecurity expert with nearly 30 years of experience. They discuss Derek's background, the evolving landscape of cybersecurity with the advent of AI and cloud computing, the importance of threat modeling, and the challenges in the security hiring process. Derek emphasizes the need for a secure design in cybersecurity and the impact of AI on threat modeling, while also addressing the difficulties job seekers face in a competitive market. In this conversation, Derek Fisher discusses the current state of the cybersecurity job market, emphasizing the frustrations faced by both job seekers and employers. He provides insights on how individuals can break into the industry, highlighting the importance of aligning personal interests with market demands. Derek also addresses the gap between academic education and real-world skills, advocating for more practical experiences for students. He shares his experience writing children's books to inspire the next generation about cybersecurity and discusses the challenges parents face in navigating technology with their kids. Finally, he explores future trends in technology, including robotics and quantum computing, and shares a fun concept for a cybersecurity-themed bar. TIMESTAMPS:00:00 Introduction to Cybersecurity and Derek Fisher's Background10:09 The Impact of AI and Cloud on Cybersecurity19:19 Understanding Threat Modeling in Cybersecurity27:47 Navigating the Security Hiring Process35:48 Navigating the Job Market in Cybersecurity36:40 Breaking into Cybersecurity: Finding Your Path44:16 Bridging the Gap: Academia vs. Industry47:24 Inspiring the Next Generation: Writing for Kids50:46 The Challenges of Parenting in a Digital Age54:08 Future Trends in Cybersecurity and Technology56:52 Creating a Cybersecurity-Themed Bar: A Fun ConceptSYMLINKS:[Derek Fisher's LinkedIn Profile ]- https://www.linkedin.com/in/derek-fisher-sec-archConnect with Derek Fisher on LinkedIn to learn more about his professional background and expertise in cybersecurity. [Securely Built Website] - https://www.securelybuilt.com/Explore Securely Built, founded by Derek Fisher, offering tailored cybersecurity advisory services, training programs, and resources to help businesses develop robust cybersecurity programs. [Secure Work Coach] - https://www.secureworkcoach.com/aboutAccess specialized cybersecurity courses and training materials provided by Secure Work Coach, founded by Derek Fisher, a seasoned cybersecurity expert with 30 years of engineering [Derek Fisher's Udemy Instructor Profile] - https://www.udemy.com/user/derek-fisher-8/Enroll in cybersecurity courses taught by Derek Fisher on Udemy, covering topics such as application security and CISSP exam preparation. [Ultimate Cybersecurity Course & CISSP Exam Prep] - https://www.udemy.com/course/ultimate-cyber-security-course/Develop your cybersecurity skills and prepare for the CISSP exam with this comprehensive course by Derek Fisher. [The Application Security Program Handbook] - https://www.securelybuilt.com/mediaLearn about building an application security program through this comprehensive guide authored by Derek Fisher. [Alicia Connected Series ] - https://www.aliciaconnected.com/Discover the "Alicia Connected" children's book series by Derek Fisher, focusing on safe technology usage for kids. [Securely Built YouTube Channel] - https://www.youtube.com/@securelybuiltWatch cybersecurity tutorials and discussions on the Securely Built YouTube channel. [Derek Fisher's Articles on SecureWorld News] - https://www.secureworld.io/industry-news/author/derek-fisherRead articles authored by Derek Fisher on SecureWorld News, covering various cybersecurity topics.CONNECT WITH US⁠www.barcodesecurity.com⁠Become a SponsorFollow us on LinkedInTweet us at @BarCodeSecurityEmail us at info@barcodesecurity.com

In this conversation, Perry Carpenter discusses the evolution of misinformation and disinformation in the age of AI and deepfakes. He explores the psychological principles that make individuals susceptible to deception, the ongoing arms race between detection and deception, and theregulatory landscape surrounding these issues. Carpenter emphasizes the importance of understanding narratives and cognitive biases in combating misinformation while also highlighting the challenges posed by rapidlyadvancing technology. In this conversation, Perry Carpenter discusses the implications of deepfakes and AI in cybersecurity, emphasizing the concept ofthe liar's dividend, the need for cognitive awareness training, and the ongoing arms race between AI-generated deception and truth verification. He highlights the erosion of trust in media and the necessity of understanding themotivations behind AI-generated content. Carpenter also shares insights on the future of deepfakes, ethical challenges, and the importance of focusing on the'why' behind AI technologies. TIMESTAMPS: 00:00 Introduction to Perry Carpenter and His Work 02:37 The Evolution of Misinformation and Disinformation 06:42 The Arms Race: Detection vs. Deception 12:00 The Impact of Deepfakes on Society 17:41 Psychological Principles Behind Deepfakes 23:16 Regulatory Landscape and Future Implications 34:59 The Liar's Dividend and Its Implications 36:09 Defending Against AI-Powered Threats 40:06 The Arms Race of AI and Cybersecurity 46:17 Erosion of Trust in Media 52:38 The Future of Deepfakes and Society 57:38 Understanding the Why Behind AI and Deception SYMLINKS: [LinkedIn – Perry Carpenter Profile] - https://www.linkedin.com/in/perrycarpenter/ Perry Carpenter’s professional LinkedIn profile details his background in cybersecurity, his work on AI-generated deception, and his industry engagements. It serves as a hub for networking and accessing more informationon his projects. [X (formerly Twitter) – Perry Carpenter Profile] - https://x.com/perrycarpenter?lang=en Perry Carpenter’s profile on X is where he shares real-time insights, commentary on cybersecurity trends, and updates related to his work in AI and digital deception. [Perry Carpenter’s Book “FAIK”] - https://www.thisbookisfaik.com/ This global retailer offers Perry Carpenter’s book, Fake:A Practical Guide to Living in a World of Deepfakes, Disinformation, and AI-Generated Deception, which explores modern digital deception andcybersecurity. [YouTube – The Fake Files Channel] - https://www.youtube.com/@theFAIKfiles YouTube hosts Perry Carpenter’s channel, “The Fake Files,” where he shares AI tutorials, deepfake detection tips, and cybersecurity insights related to synthetic media.

In this engaging conversation, Chris Glanden interviews Mariano Mattei, VP of Cybersecurity and AI at Azure Solutions. Mariano shares his extensive background in software engineering and cybersecurity, emphasizing the importance of metrics in communicating security risks to executive teams. He discusses the challenges organizations face in quantifying security effectiveness and adapting metrics to the rapidly evolving threat landscape, particularly with the rise of AI. The conversation also explores the intersection of creativity and cybersecurity, highlighting Mariano's passion for filmmaking and innovation. As they wrap up, they touch on future projects and the importance of maintaining a balance between work and creative pursuits. TIMESTAMPS: 00:00 Introduction to Cybersecurity and AI 01:44 Mariano's Journey into Cybersecurity 04:34 The Importance of Metrics in Cybersecurity 08:57 Challenges in Quantifying Security Effectiveness 12:04 Adapting Metrics to Evolving Threats 14:31 Creativity in Cybersecurity and Filmmaking 18:51 Finding Balance Between Work and Creativity 22:25 Future Plans and Projects 24:40 Closing Thoughts and Fun Ideas SYMLINKS: Mariano A. Mattei - LinkedIn - https://www.linkedin.com/in/mariano-a-mattei The professional LinkedIn profile of Mariano A. Mattei, offering insights into his career, experiences, and professional connections. Security Metrics – Mastering the Data Behind Cybersecurity - https://www.manning.com/books/security-metrics A comprehensive guide authored by Mariano Mattei, focusing on data-driven approaches to cybersecurity. Available through Manning Publications. Mattei InfoSec - https://matteiinfosec.com/ A consulting firm founded by Mariano Mattei, specializing in Chief Information Security Officer (CISO) services and data-driven information security solutions. Security Metrics - Manning Publications - https://www.manning.com/books/security-metrics A comprehensive guide on quantifying cybersecurity efforts, helping organizations measure, improve, and communicate the value of their security programs. Sacrum Vindictae Official Website - https://sacrumvindictae.com/ The official site for the film "Sacrum Vindictae," providing information on the storyline, cast, crew, and upcoming events related to the movie. CONNECT WITH US www.barcodesecurity.com Become a Sponsor Follow us on LinkedIn Tweet us at @BarCodeSecurity Email us at info@barcodesecurity.com CONNECT WITH US www.barcodesecurity.com Become a Sponsor Follow us on LinkedIn Tweet us at @BarCodeSecurity Email us at info@barcodesecurity.com

In this conversation, Chris Glanden and Matt Canham delve into the realms of deep fakes, cognitive security, and the implications of AI technology on human agency. They explore the nuances of cognitive security, differentiating it from social engineering, and discuss the potential vulnerabilities that arise as AI continues to evolve. The conversation also touches on the OSI model and how cognitive security can be integrated into existing frameworks, highlighting the importance of understanding cognitive attacks and their implications for both humans and AI systems. In this conversation, Chris Glanden and Matt Canham delve into the evolving landscape of cognitive security, emphasizing the need for security practitioners to adopt a systems-thinking approach. They discuss the implications of AI and direct neural interfaces on security practices, the role of DeepSeek in shaping AI interactions, and insights from the Cognitive Security Institute's meetings. The conversation also touches on emerging trends in cognitive warfare and concludes with a thematic drink inspired by the complexities of the field. TIMESTAMPS: 00:00 Introduction to Deep Fakes and AI Technology 02:28 Understanding Cognitive Security 09:58 Differentiating Cognitive Security from Social Engineering 19:05 Exploring the OSI Model and Cognitive Security Layers 21:48 Bringing Security Back to Earth 24:26 The Role of Cognitive Security in Modern Threats 25:02 AI's Impact on Security Practices 30:36 DeepSeek and Its Implications 33:47 Insights from the Cognitive Security Institute 41:28 Emerging Trends in Cognitive Warfare 45:43 The Complexity Cocktail: A Thematic Conclusion SYMLINKS: Dr. Matthew Canham – Home – https://www.canham.ai/ The official website of Dr. Matthew Canham, showcasing his expertise in human–AI integration, cognitive security, and updates on his latest projects and research. Research – https://www.canham.ai/research A dedicated section highlighting Dr. Canham’s research initiatives and academic contributions in the field of human–AI integration and cognitive security. LinkedIn – https://www.linkedin.com/ Dr. Canham’s professional networking profile where you can learn more about his career achievements, collaborations, and thought leadership. Cognitive Security: Exploring the Human Layer w/ Dr. Matthew Canham | CSI Talks #1 – https://youtu.be/OGmvoj5Dj_A A YouTube video where Dr. Canham elaborates on cognitive security and human–AI integration, aligning closely with the conversation’s focus on evolving security threats. Cognitive Security – Army Cyber Institute – https://cyber.army.mil/Research/Research-Labs/Cognitive-Security/ An official U.S. Department of Defense page describing research into cognitive security—protecting decision-making under adversarial conditions. This resource underscores the growing institutional focus on the subject. Apple’s Mind-Blowing Invention: AirPods That Can Read Your Thoughts – https://digialps.com/apples-mind-blowing-invention-airpods-that-can-read-your-thoughts/] An article that examines Apple’s patent for AirPods designed to detect brain signals, di CONNECT WITH US www.barcodesecurity.com Become a Sponsor Follow us on LinkedIn Tweet us at @BarCodeSecurity Email us at info@barcodesecurity.com

Torque is the force that keeps a system stable and in motion—just like cybersecurity, where constant pressure, precision, and adaptability are critical to staying ahead of threats. Curt Vincent knows this well, having transitioned from troubleshooting turbine engines in the Army to leading cybersecurity at the highest levels of Wall Street. A retired U.S. Army Lieutenant Colonel with tech-heavy deployments in Desert Storm and post-9/11 cyber warfare, Curt went on to build and lead Morgan Stanley’s 400-person Cyber Security Division, later holding executive roles at Bank of America and Goldman Sachs. Now a trusted advisor to C-suites and boards, Curt shares how the lessons of engineering, military strategy, and high-stakes cyber defense all come down to maintaining control under pressure. TIMESTAMPS: 00:00 Curt Vincent's Journey to Cybersecurity 14:40 Building Cybersecurity at Morgan Stanley 28:39 Cultural Shifts in Cybersecurity Practices 29:24 The Disconnect Between Cybersecurity and Business 32:13 Accountability and Consequences in Cybersecurity 35:12 Communication and Leadership in Cybersecurity 38:40 Connecting with the Audience: The Role of Analogies 39:14 Unique Experiences and Cultural Perspectives SYMLINKS: Curt Vincent's Website - https://curtvincent.com Curt Vincent’s speaker website where he shares insights on cybersecurity, leadership, and consulting. KnowBe4 - https://www.knowbe4.com A cybersecurity awareness training platform that specializes in phishing simulation and security education to help organizations mitigate human-related risks. Proofpoint - https://www.proofpoint.com A cybersecurity company providing threat intelligence, email security, and phishing prevention solutions to protect organizations from cyber threats. Morgan Stanley Cybersecurity - https://www.morganstanley.com/ Morgan Stanley’s approach to cybersecurity includes best practices and risk management strategies for businesses and individuals. Widener University - https://www.widener.edu The university where Curt Vincent pursued his degree before re-entering the military and advancing in his cybersecurity career. CONNECT WITH US www.barcodesecurity.com Become a Sponsor Follow us on LinkedIn Tweet us at @BarCodeSecurity Email us at info@barcodesecurity.com

In this conversation, Chris Glanden interviews Scotch Wichmann, a multifaceted individual with a rich background in cybersecurity and paranormal studies. Scotch shares his journey from a young hacker to a cybersecurity expert at Meta, discussing his experiences with paranormal phenomena and his research into psychic hacking. The conversation delves into the U.S. government's Stargate program, which explored remote viewing for military purposes, and Scotch's own experiments in psychic hacking, raising questions about the intersection of technology and the paranormal. In this conversation,they discuss the fascinating intersection of psychic abilities and cybersecurity. They discuss a blackbox experiment designed to test psychic phenomena, revealing surprising results and implications for security. The conversation explores how psychics can inadvertently gather information, the potential dangers of psychic hacking, and the importance of imagination in cybersecurity. Scotch shares insights on developing psychic abilities, future research projects, and personal experiences with haunted locations, culminating in a creative discussion about a hypothetical cybersecurity-themed bar. TIMESTAMPS: 00:00 - Introduction to Scotch Wichmann and His Journey 09:52 - The Intersection of Cybersecurity and Paranormal Experiences 19:33 - Exploring the U.S. Government's Stargate Program 28:15 - Psychic Hacking: A New Frontier in Cybersecurity 34:10 - The Black Box Experiment 35:28 - Psychic Insights and Surprising Results 39:53 - Collusion and Confidence in Psychic Abilities 42:11 - Developing Psychic Abilities 44:30 - The Dangers of Psychic Hacking 46:14 - Cybersecurity Implications of Psychic Phenomena 49:49 - Defending Against Psychic Attacks 56:36 - Imagination in Cybersecurity 59:53 - Future Research and Projects 01:01:29 - Connecting with Scotch Witchman 01:02:34 - Haunted Bars and Personal Experiences 01:04:35 - Creating a Cybersecurity-Themed Bar SYMLINKS: Scotch Wichmann's Website - https://www.scotchwichmann.com A personal website featuring Scotch Wichmann’s work, including cybersecurity insights, performance art, and paranormal research. Psychic Hacking Experiment - https://www.psychicexperiment.org A website detailing Scotch Wichmann’s experiment on psychic hacking, including methodologies, results, and raw data for public review. Stargate Project - http://en.wikipedia.org/wiki/Stargate_Project_(U.S._Army_unit) Wikipeida page based on a secret U.S. Army unit established in 1977[1][2] at Fort Meade, Maryland, by the Defense Intelligence Agency (DIA) and SRI International (a California contractor) to investigate the potential for psychic phenomena in military and domestic intelligence applications. CIA Declassified Documents on Remote Viewing -https://www.cia.gov/readingroom/ The CI CONNECT WITH US www.barcodesecurity.com Become a Sponsor Follow us on LinkedIn Tweet us at @BarCodeSecurity Email us at info@barcodesecurity.com

In this conversation, Chris Glanden interviews Slava Konstantinov, a lead architect at ThreatLocker, discussing the evolving landscape of cybersecurity, particularly focusing on macOS security. Slava shares his journey into cybersecurity, the misconceptions surrounding macOS security, and the importance of a zero trust approach in organizations. He emphasizes the growing threats from social engineering and the need for employee training. The discussion also touches on the impact of AI on security and offers advice for those looking to specialize in macOS security. TIMESTAMPS: 00:00 Introduction to Cybersecurity and Slava's Journey 07:03 Understanding macOS Security and Threat Landscape 11:38 ThreatLocker’s Zero Trust Approach 16:36 Evolving Threats and Social Engineering 21:23 Advice for Aspiring macOS Security Professionals 26:04 Closing Thoughts and Recommendations SYMLINKS: ThreatLocker Official Website - https://www.threatlocker.com The official site for ThreatLocker, a cybersecurity company specializing in zero-trust security solutions. Zero Trust World 2025 Conference - https://zerotrustworld.threatlocker.com/ An immersive cybersecurity event scheduled for February 19-21, 2025, in Orlando, Florida, featuring hands-on hacking labs, expert sessions, and networking opportunities. Zero Trust World 2025 Agenda - https://ztw.com/agenda Detailed schedule of sessions, including keynotes, breakout sessions, and hands-on labs for the Zero Trust World 2025 conference. Zero Trust World 2025 FAQ - https://zerotrustworld.threatlocker.com/faq Frequently asked questions providing information on event details, registration, and accommodations for the Zero Trust World 2025 conference. CONNECT WITH US www.barcodesecurity.com Become a Sponsor Follow us on LinkedIn Tweet us at @BarCodeSecurity Email us at info@barcodesecurity.com

In this engaging conversation, Chris Glanden interviews Brandon Prince, also known as Syntax, a multifaceted individual who is a hacker, DJ, and motorcycle racer. They delve into Brandon's early life, his journey into hacking and music, his experiences at DefCon, and his insights into the current job market in cybersecurity. Brandon shares unique stories from his life, including his transition from competitive motorcycle racing to DJing at security conferences, and discusses the challenges of navigating the job market today. In this engaging conversation, Chris Glanden and Syntax delve into various topics surrounding cybersecurity, innovative uses of technology, and the vibrant hacker community. They discuss the intricacies of Windows language packs and their implications for security, the creative use of Twitch as a command and control platform, and the importance of community-driven conferences. Syntax shares his experiences with unique venues and bars across the country, culminating in a humorous discussion about the concept of a cybersecurity-themed bar, complete with signature drinks that reflect hacker culture. Takeaways Chapters 00:00 Introduction to Brandon Prince 03:52 Early Life and Hacking Beginnings 06:33 Navigating the Hacker Community 08:59 The DJ Journey and DefCon Experience 11:22 Incorporating Hacking into Music 14:01 Motorbike Racing Adventures 16:35 Current Job Market Insights 19:14 Unique Hacking Experiences 26:46 Resume 29:35 Exploring Windows Language Packs and Exploits 31:39 Innovative Use of Twitch as a C2 37:25 Upcoming Conferences and Events 39:37 Preference for Community-Based Conferences 46:29 Unique Venues and Bar Experiences 51:29 Conceptualizing a Cybersecurity-Themed Bar CONNECT WITH US www.barcodesecurity.com Become a Sponsor Follow us on LinkedIn Tweet us at @BarCodeSecurity Email us at info@barcodesecurity.com

Josh Marpet is a seasoned entrepreneur and a renowned authority in the field of information security, compliance, and risk management. With a rich background in law enforcement, Josh has translated his diverse experiences into shaping security protocols in various high-risk environments. He serves as the Chief Strategy Officer at Cyturus, where he drives advancements in compliance process products. Notably, Josh contributes to the esteemed IANS faculty and co-hosts the well-known Paul’s Security Weekly podcast. His efforts also extend to organizing BSides Delaware, further cementing his influence and dedication to the cybersecurity community. He shares his diverse career journey from law enforcement to tech support and finally into cybersecurity leadership. Listeners gain insight into his work with compliance frameworks like CMMC and SPDX, and his strategic approach at Cyturus, focusing on "dynamic risk monitoring" as a forward-thinking solution for mitigating risks. This episode also delves into the global regulatory landscape, comparing U.S. frameworks with those abroad and discussing AI regulation insights. As always, the conversation is enriched with amusing anecdotes and expert advice, making it not only educational but also engaging. TIMESTAMPS: 0:00 - Exploring Security, Compliance, and Innovation 3:05 - Reviving In-Person Tech Conferences Post-COVID Challenges 11:58 - From Tech Support to Cybersecurity and Compliance 19:12 - The Challenges and Importance of Software Bill of Materials 24:25 - The Global Regulatory Landscape and Its Impact on AI Development 28:37 - HIPAA Compliance Challenges for Lawyers and Medical Startups 30:00 - Dynamic Risk Monitoring as a Compliance and Revenue Driver 34:32 - The Impact of Podcasts on the Cybersecurity Community 40:14 - Exploring Unique Bars and Crafting Cybersecurity-Themed Cocktails SYMLINKS Cyturus Website - https://cyturus.com Official website for Cyturus, a leader in compliance process products and solutions, focusing on dynamic risk monitoring and governance. Josh Marpet on LinkedIn - https://www.linkedin.com/in/joshuaviktor/ Josh Marpet's professional LinkedIn profile for networking and insights. Paul’s Security Weekly - https://securityweekly.com One of the top cybersecurity podcasts, providing news, insights, and discussions on emerging threats and best practices in security. SPDX (Software Package Data Exchange) - https://spdx.dev Official resource for SPDX, an ISO-certified standard for managing Software Bill of Materials (SBOM). CycloneDX - https://cyclonedx.org A standard designed for the SBOM, with a focus on integration with CI/CD pipelines and automated systems. Executive Order 14028 - https://www.whitehouse.gov/briefing-room/statements-releases/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/ U.S. Executive Order mandating the use of Software Bill of Materials (SBOM) for federal software contracts to improve cybersecurity. Helen Oakley - https://www.linkedin.com/in/helen-oakley/ Profile and resources related to Helen Oakley, a professional working on AI Bill of Materials. NIST AI RMF (Risk Management Framework) - https://nist.gov/ai/rmf U.S. Nation CONNECT WITH US www.barcodesecurity.com Become a Sponsor Follow us on LinkedIn Tweet us at @BarCodeSecurity Email us at info@barcodesecurity.com