Shows
Breakpoint Security PodcastS04EP09 | Beyond the Scanner: Building a Fix-First Culture | Vishal KalroVulnerability Management & RemediationGuest: Vishal Kalro, CISO & DPO, QuatiphiIn this episode of Breakpoint, Neelu and Vishal discuss the complexities of #vulnerabilitymanagement and #remediation in #cybersecurity. They explore the challenges faced by #security teams in identifying and prioritizing vulnerabilities, the importance of collaboration with development teams, and how to tie #vulnerabilities to business #risks. Vishal emphasizes the need for actionable insights and effective communication between teams to ensure vulnerabilities are addressed efficiently. In this conversation, they explore the friction between security and engineering teams, emphasizing the importance of empathy and communication. The discussion highlights the ne...
2025-12-1242 min
Breakpoint Security PodcastS04EP09 | Teaser | Beyond the Scanner: Building a Fix-First CultureVulnerability Management & RemediationGuest: Vishal Kalro, CISO & DPO, QuatiphiThe real security flaw isn't the vulnerability itself, it's the failure to execute remediation. Security teams are drowning in thousands of alerts and treating every bug like a Critical emergency. This "Alert Fatigue" guarantees that the actual high-risk exposures get missed, leaving the door wide open for the successful breach.---Follow us on LinkedIn: https://www.linkedin.com/company/breakpoint-security-podcastSubscribe for Video on YouTube: Subscribe: https://www.youtube.com/@BreakpointSecurityPodcast?sub_confirmation=1If you like to see more like t...
2025-12-1101 min
Breakpoint Security PodcastS04EP08 | Securing You in the Metaverse | Mohini & JaydeepGuests: Mohini Sharma, TMT Technology Consultant, EY.Jaydeep Katariya, AMI Technology Consultant, EY.The metaverse seamlessly integrates physical and digital spaces, enabling AI-driven innovations in virtual interactions, autonomous avatars, and real-time experiences. However, increased reliance on AI brings sweeping cybersecurity challenges, such as adversarial attacks, deep fake impersonation, and AI-driven phishing campaigns. The security of the metaverse is vital for the sustainability of user trust and system integrity. As AI assumes a larger role in virtual environments, proactive cybersecurity measures must be taken to counter emerging threats. This paper introduces DAI-TIRS, a...
2025-11-2139 min
Breakpoint Security PodcastS04EP08 | Teaser | Securing You in the MetaverseAs organisations and users increasingly move into the metaverse, AI-powered threats are evolving faster than traditional defences. The primary challenge for today’s security teams is that conventional detection and manual response are too slow for the millisecond-scale attacks of immersive environments. Their work on DAI-TIRS addresses this problem by integrating anomaly detection, adversarial AI defence, dynamic honeypots, and predictive threat modelling into a unified system for metaverse.Guests: Mohini Sharma, TMT Technology Consultant, EY.Jaydeep Katariya, AMI Technology Consultant, EY.Mohini Sharma:Mohini Sharma is...
2025-11-1801 min
Breakpoint Security PodcastS04EP07 | Rapid Fire | Anant SrivastavaGuest: Anant Srivastava, Chief researcher & Founder @ Cyfinoid Research Pvt LtdIn this Rapidfire Anant shares insights from his experiences in the field of both Supply Chain Security and his professional journey in Cybersecurity.Checkout the full episode where we discuss these practical nuances of SBOMs, so you get the best out of your 'bill of materials'.https://youtu.be/PwuJoABJfmc------Follow us on LinkedIn: https://www.linkedin.com/company/breakpoint-security-podcastSubscribe for Video on YouTube: Subscribe: https://www.youtube.com/@BreakpointSecurityPodcast?sub_confirmation=1If...
2025-11-0706 min
Breakpoint Security PodcastS04EP07 | SBOMs & Supply Chain Security | Anant SrivastavaGuest: Anant Srivastava, Chief researcher & Founder @ Cyfinoid Research Pvt LtdIt's not your code that gets breached, it's the code you inherit. We expose the hidden dangers lurking in your Software Supply Chain and reveal the single document that can save you: the SBOM .This episode breaks down why relying on Open Source components creates major risk. Learn how the Software Bill of Materials tracks every transitive dependency, allowing instant mapping of a new CVE to your production assets. Recommended reading/viewing, Paper for practitionershttps://w...
2025-11-0244 min
Breakpoint Security PodcastS04EP07 | Teaser | SBOMificationGuest: Anant Srivastava, Chief researcher & Founder @ Cyfinoid Research Pvt LtdImplementing Software Bill of Materials (SBOMs) is a complex process riddled with challenges that can undermine their security benefits. The primary issue is data quality and accuracy, as many tools fail to list all components, especially hidden transitive dependencies, creating a false sense of security. Furthermore, organizations are often overwhelmed by the sheer volume of data an SBOM produces, lacking the context and tooling to turn it into actionable intelligence. Finally, SBOMs are static snapshots in a dynamic world, becoming quickly outdated as new vulnerabilities are d...
2025-10-3001 min
Breakpoint Security PodcastS04EP06 | Rapid Fire | Shobhit GautamFrom Vulnerability to Value: Harnessing Bug Bounties for Continuous Security ImprovementGuest: Shobhit Gautam, HackerOne, Staff Security Solutions Architect, HackerOneThis short clip is fun, fast, and full of great personal insights on #cybersecurity . It’s a great reminder that behind every strong security defense is a brilliant, interesting human. #bugbountytips --Follow us on LinkedIn: https://www.linkedin.com/company/breakpoint-security-podcastSubscribe for Video on YouTube: Subscribe: https://www.youtube.com/@BreakpointSecurityPodcast?sub_confirmation=1If you like to see more like this, please Sub...
2025-10-2405 min
Breakpoint Security PodcastS04EP06 | Bug Bounty Programs | Shobhit GautamTOPIC:From Vulnerability to Value: Harnessing Bug Bounties for Continuous Security ImprovementStop viewing bug bounties as just a headache! We're talking about turning #vulnerabilities into measurable #security value.My guest dives deep into how organizations can strategically shift their perspective: using #crowdsourced security intelligence as a core engine for #continuous improvement. It’s about leveraging these programs to generate critical #threatintelligence and #risk data. Every reported flaw isn't a failure, but a data point that actively strengthens your #defence-in-depth strategy over time. We'll show you how to move from reactive flaw-finding to pro...
2025-10-1753 min
Breakpoint Security PodcastS04EP05 | Teaser | Bug Bounties ProgramsTOPICFrom Vulnerability to Value: Harnessing Bug Bounties for Continuous Security ImprovementGuest: Shobhit Gautam, HackerOne, Staff Security Solutions Architect, HackerOneShobhit is a Staff Solutions Architect at HackerOne. He has 15+ years of security experience, with extensive expertise in application, cloud, and infrastructure security. He is passionate about building secure solutions and fostering a security-conscious culture. He has experience leading security awareness initiatives, mentoring security teams, and responsibly disclosing vulnerabilities and is an active contributor to the security community.This discussion will explore how organizations can strategically leverage bug...
2025-10-1401 min
Breakpoint Security PodcastS04EP05| Rapid Fire | Saakshar DuggalGuest: Saakshar Duggal, Artificial Intelligence Law Expert I Training Corporates on Cyber laws and Cyber HygieneWe talked serious **DPDP Act** compliance in the full episode, but now it's time for the fun stuff! 🚀 I put our expert through the wringer with our rapid-fire round.---Follow us on LinkedIn: https://www.linkedin.com/company/breakpoint-security-podcastSubscribe for Video on YouTube: Subscribe: https://www.youtube.com/@BreakpointSecurityPodcast?sub_confirmation=1If you like to see more like this, please Subscribe to Breakpoint Youtube! ...
2025-10-1004 min
Breakpoint Security PodcastS04EP05 | DPDP Act and Compliance | Saakshar DuggalGuest: Saakshar Duggal, Artificial Intelligence Law Expert I Training Corporates on Cyber laws and Cyber HygieneThe DPDP Act is here, redefining digital privacy in India. But how does this new law stack up against global standards like GDPR? We're diving deep into the toughest differences and the biggest headache for every business: Consent Management.Beyond specific, informed consent and the constant right to withdraw, we tackle Data Minimization and the ambiguity of Data Retention rules. Is the Breach Reporting norm too lenient? Our expert breaks down the key areas, contrasts them with...
2025-10-0443 min
Breakpoint Security PodcastS04EP05 | Teaser | DPDP Act and ComplianceThe new DPDP Act is officially rewriting the rules for handling personal data in India. It sounds like simple compliance, but the implementation challenges for every data fiduciary are tricky—and getting it wrong could lead to massive fines.Today, we dive into the biggest hurdles, from consent management to fulfilling data principal rights. We guide you through the precise techniques you need to roll out DPDP successfully. Don't risk your organization's future—check out the full episode!Guest: Saakshar Duggal, Artificial Intelligence Law Expert I Training Corporates on Cyber laws and Cybe...
2025-10-0302 min
Breakpoint Security PodcastS04EP04 | Rapid Fire | Jay Thoden van VelzenGuest: Jay Thoden van VelzenTechnical Advisor, Office of the Chief Security OfficerSAP Global Security & Cloud ComplianceAt Breakpoint, we tend to get real about cybersecurity. We often say security's job is to be an enabler for the business. After the myth breaking full episode, here's a light Rapid Fire where Jay shares some of his experiments on chaos engineering and other interesting adventures.--Follow us on LinkedIn: https://www.linkedin.com/company/breakpoint-security-podcastAudio on Buzzsprout: https://breakpoint.buzzsprout.comIf you like to...
2025-09-2605 min
Breakpoint Security PodcastS04EP04 | Culture Eats Security for Breakfast | Jay Thoden van VelzenGuest: Jay Thoden van VelzenTechnical Advisor, Office of the Chief Security OfficerSAP Global Security & Cloud ComplianceIn this segment, we’re unpacking the biggest myth in security: that strategy is enough. Our guest argues that culture eats strategy for breakfast, and effective security isn’t about more policies, but about deep negotiation and understanding. We’ll discuss how to use tools like security risk management and security engineering not as blockers, but as instruments for genuine collaboration. This is about convincing teams we understand their needs, and together, building a security cultur...
2025-09-1948 min
Breakpoint Security PodcastS04EP03 | Dust Busters or Bots? | Dennis GieseGuest: Dennis Giese, Independent Security ResearcherYou've seen the headlines, heard the wild stories, and maybe even panicked about the devices in your own home. "Hackers take control of robot vacuums, yell racial slurs." It sounds insane, but what really happened? Our guest today is one of the researchers who exposed the vulnerabilities behind these shocking incidents.In this segment, we're diving deep into the world of smart home robotics and cyber-physical security. Our guest will walk us through their research into popular devices, revealing the types o...
2025-09-0624 min
Breakpoint Security PodcastS04EP02 | Reversing Large Deep Learning Models | Yashodhan MandkeHave you ever thought about how an attacker might reverse-engineer an AI model? Our guest today is doing just that, going beyond passwords and keys to unpack the very DNA of deep learning!In this segment, we're diving into the groundbreaking work of reversing large deep learning models. Our guest reveals how it's possible to reverse an AI model's entire mathematical structure, exposing its architecture, critical hyperparameters, and even the internal weights and biases that define its behavior. We'll explore this new frontier of security research in the context of different model formats and major models like...
2025-08-2225 min
Breakpoint Security PodcastS04EP01 | Zero Day Playbook with Coverage-Guided PHP Fuzzing | Sebastian NeefEver wonder how zero-day vulnerabilities in your favorite websites get uncovered? Our guest today is diving into a game-changing technique: coverage-guided fuzzing for PHP web apps! Forget slow scanners; we're talking about finding critical bugs before the bad guys do.Guest: Sebastian Neef, PhD at the Technical University of Berlin, at the Chair for Security in TelecommunicationsIn this segment, we explore PHUZZ, an open-source tool that's shaking up web application security testing. Our guest explains how this innovative approach outperforms traditional vulnerability scanners like BurpSuite, ZAP, and WFuzz in pinpointing crucial flaws...
2025-08-0812 min
Breakpoint Security PodcastAgentic AI | Dr Angelina Gokhale #ai #aisecurity #agenticai #cybersecurityImagine an AI agent managing your life. Sounds cool, right? But what if it gets hacked? We're exploring the future of AI agents and the critical need for their security.As the first installment, we share this fun series where we ask our guests to share 'What they would like their Agents to do for them' :) Guest: Dr Angelina GokhaleSenior Data Scientist, NetmonasteryAgents have the potential for handling finances, travel, even critical health data. But with that power comes immense risk. But that also extends the attack surface for...
2025-07-2901 min
Breakpoint Security PodcastAgentic AI | Khushbu Jain #ai #aisecurity #agenticai #cybersecurityImagine an AI agent managing your life. Sounds cool, right? But what if it gets hacked? We're exploring the future of AI agents and the critical need for their security.As the first installment, we share this fun series where we ask our guests to share 'What they would like their Agents to do for them' :) Guest: Khushbu JainManaging Partner, Data Privacy | Ark LegalAgents have the potential for handling finances, travel, even critical health data. But with that power comes immense risk. But that also extends the attack surface...
2025-07-2201 min
Breakpoint Security PodcastAgentic AI | Abhishek Datta #ai #aisecurity #agenticai #cybersecurityImagine an AI agent managing your life. Sounds cool, right? But what if it gets hacked? We're exploring the future of AI agents and the critical need for their security.As the first installment, we share this fun series where we ask our guests to share 'What they would like their Agents to do for them' :) Guest: Abhishek DattaCo-Founder | SafeDepAgents have the potential for handling finances, travel, even critical health data. But with that power comes immense risk. But that also extends the attack surface for **data breaches**, **access...
2025-07-1501 min
Breakpoint Security PodcastAgentic AI | Thiruraghavan Madhugiri #ai #aisecurity #agenticai #cybersecurityImagine an AI agent managing your life. Sounds cool, right? But what if it gets hacked? We're exploring the future of AI agents and the critical need for their security.As the first installment, we share this fun series where we ask our guests to share 'What they would like their Agents to do for them' :) Guest: Thiruraghavan MadhugiriDirector, Security Engg | AdobeAgents have the potential for handling finances, travel, even critical health data. But with that power comes immense risk. But that also extends the attack surface for **data...
2025-07-0800 min
Breakpoint Security Podcast#S04CFPEP03 | CFP Series | Effective Paper Submission Part 03Effective Paper Submission for Beginners Part 03You've seen the good researchers on stage at the best conferences or your favorite local security conference, dropping knowledge bombs and getting that well-deserved applause. Ever wondered how they got there? It all starts with a killer paper submission!In this brand new video, part of our "CFP series", I'm pulling back the curtain on 'Effective Paper Submission' for security conferences. This isn't just about having a great idea/research; but also about packaging it, pitching it, and making sure it lands with the...
2025-07-0516 min
Breakpoint Security PodcastAgentic AI | Krishna Pandey #ai #aisecurity #agenticai #cybersecurityImagine an AI agent managing your life. Sounds cool, right? But what if it gets hacked? We're exploring the future of AI agents and the critical need for their security.As the first installment, we share this fun series where we ask our guests to share 'What they would like their AI Agents to do for them' :) Guest: Krishna PandeySenior Director, Cybersecurity | XeroxAgents have the potential for handling finances, travel, even critical health data. But with that power comes immense risk. But that also extends the attack surface for...
2025-07-0101 min
Breakpoint Security PodcastAgentic AI | Kunal Aggarwal #ai #aisecurity #agenticai #cybersecurityImagine an AI agent managing your life. Sounds cool, right? But what if it gets hacked? We're exploring the future of AI agents and the critical need for their security.As the first installment, we share this fun series where we ask our guests to share 'What they would like their Agents to do for them' :) Guest: Kunal AggarwalCTO @ RedHunt LabsAgents have the potential for handling finances, travel, even critical health data. But with that power comes immense risk. But that also extends the attack surface for **data...
2025-06-2401 min
Breakpoint Security Podcast#S04CFPEP02 | CFP Series | Effective Paper Submission Part 02Effective Paper Submission for Beginners Part 02You've seen the good researchers on stage at the best conferences or your favorite local security conference, dropping knowledge bombs and getting that well-deserved applause. Ever wondered how they got there? It all starts with a killer paper submission!In this second episode, part of our "CFP series", I'll share some fun facts about what really makes a submission stand out, what needs to be explained, what depth to go to. In this instalment- I will discuss a sample presentation and trace it back to their research...
2025-06-2031 min
Breakpoint Security PodcastAgenticAI | Devesh Bhatt #ai #aisecurity #agenticai #cybersecurityImagine an AI agent managing your life. Sounds cool, right? But what if it gets hacked? We're exploring the future of AI agents and the critical need for their security.In this video from this fun series, we ask our guests to share 'What they would like their Agents to do for them' :) Guest: Devesh BhattCyber Security Leader | Co-Founder BSides GoaAgents have the potential for handling finances, travel, even critical health data. But with that power comes immense risk. But that also extends the attack surface for **data b...
2025-06-1700 min
Breakpoint Security PodcastAgentic AI | Anant Shrivastava #AI #aisecurity #agenticai #cybersecurityImagine an AI agent managing your life. Sounds cool, right? But what if it gets hacked? We're exploring the future of AI agents and the critical need for their security.As the first installment, we share this fun series where we ask our guests to share 'What they would like their Agents to do for them' :) Guest: Anant Shrivastava Founder & Chief Researcher | Cyfinoid Research Private LimitedAgents have the potential for handling finances, travel, even critical health data. But with that power comes immense risk. But that also extends the attack surface...
2025-06-1000 min
Breakpoint Security Podcast#S04CFPEP01 | CFP Series | Effective Paper Submission Part 01Effective Paper Submission for Beginners Part 01Note: There will be tons of illustrations in this series. Checkout the Breakpoint YouTube Episode to access all that.You've seen the good researchers on stage at the best conferences or your favorite local security conference, dropping knowledge bombs and getting that well-deserved applause. Ever wondered how they got there? It all starts with a killer paper submission!In this brand new video, part of our "CFP series", I'm pulling back the curtain on 'Effective Paper Submission' for security conferences. This isn't just...
2025-06-0615 min
Breakpoint Security Podcast#S03 Breakpoint Season03 Wrap UpWhat an incredible season it’s been on the Breakpoint Security Podcast! From decoding API security with Bucchi Reddy to diving into SOC (un)automation with Dr. Anton Chuvakin, this season was packed with insights, stories, and actionable advice from some of the brightest minds in cybersecurity.This video shares some interesting highlights from the Season. Which was your favourite episode of the season? Mention in the comments below :)If you like to see more like this, please Subscribe to Breakpoint Youtube! Please Share with ot...
2025-01-2715 min
Breakpoint Security Podcast#S03EP10 SOC - Beyond Automation | Dr. Anton ChuvakinIn this episode of the Breakpoint Security Podcast, we dive into the evolving world of Security Operations Centers (SOC) with Dr. Anton Chuvakin, Security Advisor at the Office of the CISO, Google Cloud.Key discussion points include:Event Correlation: Exploring the automation of correlating security events in real-time and at scale. When should we rely on automation, and where does human expertise still play a vital role?Threat Detection & Response: A deep dive into machine learning (ML) and behavior-based analytics for threat detection, including insider threats and the...
2024-12-1444 min
Breakpoint Security Podcast#S03EP09 Crypto Shield for Vehicle Security | Sandip DholakiaWhen even a seasoned security professional thinks about cryptography, the obvious areas are encryption at rest and in transit. But modern cryptography has penetrated our lives - in the areas we don’t even think about. It works its magic in IoT devices, in the cloud, while we shop, and even in the car we drive! Guest: Sandip Dholakia, Principal Security architect and co-chair of Cryptography CoE at SAP Global Security & Compliance.GlossaryECM = Engine Control ModuleBCM = Body Control ModuleRFM = Radi...
2024-11-1648 min
Breakpoint Security Podcast#S03EP08 Getting Domain Admin: Infrastructure Hacking | Prashant MahajanGuest: Prashant Mahajan, Director for Payatu Australia Pty Ltd and OzHackThe Cybersecurity landscape is driven by the increasing complexity and integration of systems. One major challenge is the proliferation of interconnected devices and platforms, which expand the attack surface and create numerous entry points for malicious actors. Additionally, the rapid adoption of cloud services and virtualization technologies introduces new vulnerabilities and requires robust security measures that are often inadequately implemented.Furthermore, the rise of sophisticated attack techniques, such as advanced persistent threats (APTs) and zero-day exploits, further complicates the defense mechanisms needed to protect...
2024-10-2938 min
Breakpoint Security Podcast#S03EP07 Gamification for Hacking Humans | Jayson E. StreetA "notorious hacker" by FOX25 Boston, "World Class Hacker" by National Geographic Breakthrough Series and described as a "paunchy hacker" by Rolling Stone Magazine. He however prefers if people refer to him simply as a Hacker, Helper & Human.This is none other than our Guest- Jayson E. Street, Chief Adversarial Officer at Secure Yeti.In today's highly digitized world, organizations are increasingly susceptible to social engineering attacks, where malicious actors manipulate individuals/employees into divulging confidential information. Despite advanced technical defenses, attackers exploit human psychology to breach security perimeters. Techniques such as phishing emails, pretexting, and...
2024-10-111h 16
Breakpoint Security Podcast#S03EP07 Teaser | Gamification for Hacking HumansIn this episode, we're diving deep into "Gamification for Hacking Humans" with Jayson E. Street, Chief Adversarial Officer at Secure Yeti. We discuss how attackers are exploiting human psychology through techniques like #phishing and pretexting and how #AI is making #socialengineering attacks even more sophisticated. With the rise of remote work, these #threats are more real than ever!Want to know how your organization can defend against these tactics? Check out the follow up full video for valuable insights into protecting your team from manipulation. #cybersecurity Follow us on LinkedIn: https://www.linkedin.co...
2024-10-0701 min
Breakpoint Security Podcast#S03EP06 Decoding Security Metrics for Business Risk | Runa DalalInterested in Cyber Reporting? Check out this episode where we discuss - Interpreting Security Metrics to understand real business Risk.Guest: Runa Desai Dalal, Cyber Risk Leader at AccentureCyber Strategy| CISO Dashboard| Cyber KPI| Cyber Analytics| Business Continuity |Enterprise Risk|Mentor| Coach| Guide|Understanding security data within an organization involves synthesizing data from various domains such as risk management, DevSecOps, and SOC operations to create meaningful correlations. By interpreting these security metrics, businesses can transform raw data into actionable insights that highlight potential risks and inform strategic decisions, ultimately enhancing their...
2024-09-211h 08
Breakpoint Security Podcast#S03EP05 Mastering Application Threat Modeling at Scale | Tony UVTOPIC: Mastering Application Threat Modeling at ScaleGuest: Tony UV, CEO & Founder of VerSprite Security, and the Author of Risk Centric Threat Modeling & PASTA MethodologyWe dive deep into everything from effective threat modeling techniques for Agile and waterfall applications to scaling threat modeling across large application ecosystems. Tony shares his insights on automating this critical process, handling technical and cultural dependencies, and ensuring security practices keep up with rapid development velocity.If you're looking to understand what a robust threat modeling program looks like and how to measure its success, you're at...
2024-09-0754 min
Breakpoint Security Podcast#S03EP04 AI for Security And Security For AI | Tamaghna BasuIn this episode, we delve into the intricate world of AI security, tackling the dual challenge of safeguarding artificial intelligence systems and utilizing AI to enhance cybersecurity. Guest: Tamaghna Basu, Founder & CEO, DeTaSECUREJoin us as we unravel the complexities of AI security and provide valuable insights that can help you stay ahead in the ever-evolving cybersecurity landscape. Whether you're a security professional, an AI enthusiast, or simply curious about the intersection of these fields, this episode offers critical knowledge and practical tips to enhance your understanding and approach to AI security....
2024-08-231h 00
Breakpoint Security Podcast#S03EP03 DevOpsification of Threat Detection Development | Wasim HalaniLearn to DevOpsify your Threat Detection Development!Guest: Wasim Halani, Director - Detection Engineering at SecuronixSOC teams face a continuous challenge of evolving threats and a difficulty in developing #analytics to detect such #threats. Recent times have seen the Detection Engineering function evolve along the lines of Software Engineering - which means the Agile and DevOps methodologies also apply to new detections being developed and deployed. Continuous development, continuous testing and continuous deployment are part of the game.In this episode, we dive into the challenges faced by traditional #SOC teams i...
2024-08-1056 min
Breakpoint Security Podcast#S03EP02 Building Intelligence into your Software Supply Chain Security | Shashank DixitCheckout AI for your DevOps pipelines!Guest: Shashank Pramod Dixit, Principal Consultant, Sumeru SolutionsCISO advisory, Product Management, Security leadership, Product Security.There exist many common challenges today for SMBs doing DevSecOps. Organizations are confused among the tools, there are so many options which ones shall we choose.There are so many false positives, and unnecessary noise. There is no in-house expertise in place who can level up the application security.There are cost limitations, the license tools are expensive and open source are difficult to maintain. In this ep...
2024-07-2651 min
Breakpoint Security Podcast#S03EP01 Taking Charge of Your APIs: Proactive API Security | Buchi Reddy BWhat does Proactive API Security Testing encompass and what all you need to enhance your API Security Posture? We discuss all this with our expert guest Buchi Reddy.Guest: Buchi Reddy B, Founder & CEO of Levo.aiProactive API security testing refers to an approach where security testing activities are conducted preemptively to identify and address potential security vulnerabilities in APIs before they can be exploited by malicious actors. This proactive approach involves systematically assessing the security posture of APIs through various techniques and methodologies, even before they are deployed or exposed to production environments.
2024-07-141h 01
Breakpoint Security Podcast#S02EP10 | Zeroing Trust: Identity Threats, the New Attack Surface | Sudarshan PisupatiThe proliferation of digital identities and access points has increased the attack surface, making it difficult to monitor and secure user identities effectively. The rising sophistication of cyber threats, including identity theft and credential-based attacks, demands proactive measures to detect and respond to these threats promptly. Additionally, compliance requirements and data protection regulations necessitate robust identity security to avoid legal and financial repercussions. All the above result in growing the complexity of managing user identities, especially in large enterprises and hence require automation and real-time monitoring capabilities to manage Identity threats, ensuring the organization can effectively safeguard i...
2024-01-1756 min
Breakpoint Security Podcast#S02EP09 | Controlling your SaaS Sprawl with a SaaS Security Platform | Abhishek AnandJust like cloud is omnipresent in 2023, SaaS sprawl is just as prevalent. A company on an average uses 110 SaaS apps and broadly 70% of the software that is being run is SaaS with issues even more severe at enterprise level. SaaS security today is thought of as an IAM problem solved with an SSO integration but issues go beyond that, with misconfigurations leading to leaked data, insecure SaaS plugins opening up new threat vectors and how your services talk to other SaaS apps.A lot of cloud security issues can be solved in orgs with good eng...
2023-12-2957 min
Breakpoint Security Podcast#S02EP08 Packing a Punch! With Policy-as-Code | Abhay BhargavIn today's world of rapidly evolving technology and the increasing complexity of software systems, ensuring the security and compliance of applications across the stack has become paramount. The stack has also gotten to be much more complex with the proliferation of APIs on cloud and cloud-native technologies. Tightly coupled security controls for things like Authorization, Validation and Admission Control is not realistic and is causing a large inconsistency in the implementation of security controls. This episode will provide an in-depth exploration of Policy-as-Code (PaC) and how it can be employed to implement decoupled security practices across the s...
2023-12-1942 min
Breakpoint Security Podcast#S02EP07 From Chaos to Compliance: Navigating the ISMS Implementation Maze | MS SripatiFrom Chaos to Compliance: Navigating the ISMS Implementation MazeIn this episode, we will be talking about the challenges an organization faces when doing an ISMS implementation. We will talk about this in the context of ISO 27001 implementation and see the practical nuances it entails.Guest: Sripati MS, Assistant Vice President, Risk, Utkarsh Small Finance BankHe is an information security risk management professional, 18 years and counting. He has helped create, run, and audit information security programs for customers in the oil/gas, utility, and banking domains. He has also helped provide security...
2023-12-0754 min
Breakpoint Security Podcast#S02EP06 (MITRE) ATT&CK in your Backyard | Shweta KshirasagarMITRE ATT&CK has been the go-to framework for both offensive & defensive security teams. It’s sophistication and vast coverage makes it quite comprehensive, often not easy to fathom, let alone implement to the fullest. In this episode of br3akp0int, we demystify this through practical scenarios & Shweta’s experience of implementing it in day-to-day activities of Cyber Defenders. Guest: Shweta Kshirsagar, General Manager - Security Assurance, Airtel AfricaShweta is an accomplished information security professional with 18 years of industry experience in various domains of Cyber Security such as Cyber Incident Respo...
2023-10-2850 min
Breakpoint Security Podcast#S02EP05 From Zero to One: Bootstrapping Security for your Organization | Prajal KulkarniFrom Zero to One: Bootstrapping Security for your OrganizationWith the rise in the number of digital start ups, many of us in security and engineering find ourselves in a place where we are the first of the lot. We need to not just define, but start and secure our organization and assets from the ever growing set of breaches & attacks. This episode is dedicated to starting security from scratch and going ground up.Guest Intro: Prajal Kulkarni, Chief Information Security Officer @ Groww
2023-10-1843 min
Breakpoint Security Podcast#S02EP04 IoT Security: Safeguarding Your Smart World! | Aseem JakharThe world is getting smarter and the number of IoT devices is growing by the day. Securing such environments presents unique challenges due to the diverse nature of these devices and the complexity of their interactions.Guest: Aseem Jakhar Co-Founder & Dir. Research at PayatuLinkedin: @aseemjakharX: @aseemjakharAseem Jakhar is a Cybersecurity Entrepreneur and Technologist with two decades of experience in security product development, services, building and scaling teams and communities. He is currently working on solving the IoT Security problem with his latest venture EXPLIoT. H...
2023-10-0350 min
Breakpoint Security Podcast#S02EP03 DevSecOps for teams building on Steroids | Akash MahajanTOPIC: DevSecOps for teams building on Steroids Developers have already adopted public cloud in all tech enabled companies and industry verticals. Security teams are mostly for after the fact testing, signaling that compliance is in place or even as a sales aid when selling to large enterprises. If Continuous Delivery is the goal (as that gets the business money) then the integration and deployment pipelines (CI/CD) are the assembly lines. Far too often under the misguided notions of shift left, security teams come and slow things down by ad...
2023-09-1551 min
Breakpoint Security Podcast#S02EP02 Sprinting Securely: Pentesting Keeping Pace with Agile Development | Sanoop ThomasTOPIC: Sprinting Securely: Pentesting Keeping Pace with Agile DevelopmentBuilding Actionable Security Champion Programs & Pentest catching up with speed of agilePodcast Guest: Sanoop Thomas (@s4n7h0)Sanoop Thomas (@s4n7h0) is a seasoned security professional with a diverse background in consulting, teaching, research and product-based industries with a passion to solve complex security problems. Today, Sanoop works as an information security specialist focusing on application security and secure coding. His field of interest includes fuzzing software vulnerabilities, r...
2023-09-0144 min
Breakpoint Security Podcast#S02EP01 From Threat Actors with Love! Tackling Malware Attacks for Healthcare | Shyam SundarSeason 02 Episode 01TOPIC: From Threat Actors with Love ! Tackling Malware Attacks for HealthcareThe sophisticated cyber attacks post pandemic opens the door for threat actors to craft more mail spam that spans across different sectors of industry. The rise of attacks towards the healthcare industry targeting health care specific devices and infrastructure. How do we stop these ? Wait ! Do we even know such sectors are affected ?Guest: Shyam Sundar Ramaswami , Sr. Staff Cyber Security Architect , Cyber Labs - GE Healthcare Shyam is...
2023-08-1952 min
Breakpoint Security PodcastSeason 01 | It's a Wrap! | Neelu TripathyWe're wrapping up season 01 and will be back soon in Season 02!!A big THANK YOU!To all our listeners who have been listening to the episodes for this first season of BP :)To all our Guests for sharing interesting stories & practical takeaways.In this cast, we wrap up Season 01 and share a quick glimpse of what was discussed in each episode, so that listeners know and can choose whatever they want to listen. Do check out all the episodes, a quick outline below:Episode 01: Securing your Security product with...
2023-04-2808 min
Breakpoint Security PodcastProactive Threat Prevention with Threat Intelligence | Episode TeaserTOPIC: Proactive Threat Prevention with Threat IntelligenceIn this episode, we discuss the challenges of Threat Intelligence in the modern Threat landscape and how security teams can conduct Threat Intelligence to Proactively Stop Advanced Attacks. Guest: Avkash Kathiriya, Sr. VP - Research and Innovation at Cyware LabsAvkash is the VP of Research at a US-based Cyber security product startup. Avkash is an astute cybersecurity professional with more than 13 years of experience in core security technology domains including Cyber Defense, Security Orchestration and Automation, Cyber Resiliency, Threat Hunting, a...
2023-04-1402 min
Breakpoint Security PodcastProactive Threat Prevention with Threat Intelligence | Avkash Kathiriya | Full Ep.TOPIC: Proactive Threat Prevention with Threat IntelligenceIn this episode, we discuss the challenges of Threat Intelligence in the modern Threat landscape and how security teams can conduct Threat Intelligence to Proactively Stop Advanced Attacks. Guest: Avkash Kathiriya, Sr. VP - Research and Innovation at Cyware LabsAvkash is the VP of Research at a US-based Cyber security product startup. Avkash is an astute cybersecurity professional with more than 13 years of experience in core security technology domains including Cyber Defense, Security Orchestration and Automation, Cyber Resiliency, Threat Hunting, a...
2023-04-141h 11
Breakpoint Security PodcastBuilding a 100% Open DevSecOps Stack | Episode TeaserTOPIC: Building a 100% Open Source DevSecOps Stack for Product TeamsGUEST: Abhisek DattaHe has been a Security researcher in the past. Currently he is dabbling more on the development & product side of things. He is an OSS contributor and Platform & Security engineer. Can still read/write C & x86 ASM.Episode Summary:In this episode we dive deep into the challenges and opportunities of creating and maintaining a 100% open source DevSecOps stack. Tune in to find a store house of information for Product teams on how to...
2023-03-3102 min
Breakpoint Security PodcastBuilding a 100% Open DevSecOps Stack | Abhisek DattaTOPIC: Building a 100% Open Source DevSecOps Stack for Product TeamsGUEST: Abhisek DattaHe has been a Security researcher in the past. Currently he is dabbling more on the development & product side of things. He is an OSS contributor and Platform & Security engineer. Can still read/write C & x86 ASM.Episode Summary:In this episode we dive deep into the challenges and opportunities of creating and maintaining a 100% open source DevSecOps stack. Tune in as to find a store house of information for Product teams on how t...
2023-03-311h 09
Breakpoint Security PodcastCloud Security for a SaaS Company | Jayesh ChauhanTOPIC: [Cloud Security] Challenges encountered by a SaaS company when they are born in Cloud and how we can tackle those. Running cloud security programs with a small team can be challenging. In this episode we discuss how do we leverage security engineering, automation and cater to a SAAS company's cloud security problems at scale without leaving the depth mindset behind.GUEST: Jayesh Singh Chauhan[Founder: Cloudurance Sec & Cloud Village at DEFCON]Guest Intro: Jayesh Singh Chauhan is a security professional with 11 years of experience in the security space a...
2023-03-161h 05
Breakpoint Security PodcastCloud Security for a SaaS Company | Episode TeaserTOPIC: [Cloud Security] Challenges encountered by a SaaS company when they are born in CloudGUEST: Jayesh Singh Chauhan [Founder: Cloudurance Sec & Cloud Village at DEF CON]Guest Intro: Jayesh Singh Chauhan is a security professional with 11 years of experience in the security space and he is the founder of Cloud Village at DEF CON. In the past, he has been part of the security teams of PayPal, PwC, and was the Director of Product Security at Sprinklr Inc in his last job. He currently runs his own Cloud Security T...
2023-03-1602 min
Breakpoint Security PodcastOT Security-Vendor Risk Management | Vikash TiwariTOPIC: OT Cyber Security - Vendor Risk ManagementIndustrial Control Systems are used in critical infrastructure such as utilities, oil & gas, Aviation, Medical Industry and vehicle manufacturing . Some examples - Industrial control systems (ICS) or supervisory control and data acquisition (SCADA) systems.Since the entire OT ecosystem is often managed by vendors, managing vendor risk becomes very important. Tune in to the episode to listen how we can follow a 'Defence in Depth' approach when working with Vendors in this space....
2023-02-2344 min
Breakpoint Security PodcastOT Security-Vendor Risk Management | Episode TeaserTOPIC: OT Cyber Security - Vendor Risk ManagementGUEST: Vikash Tiwari, IT Audit Manager @ ADQVikash is an experienced cyber security professional with 14 years+ in various cyber security domains like Information Security / I&T Audit, VAPT and IT / OT GRC area. He has been working as Sr. Cyber Security consultant with TUV Rheinland LLC Oman. He has been focusing on Cloud Security Audits, DevSecops, Critical Infrastructure Security and IIOT security areas..If you like to see more like this, please Subscribe to Bre...
2023-02-2202 min
Breakpoint Security PodcastSecrets Management | Ankit KhasgiwaleSecrets management talks about the ways and methods of managing application secrets securely all through their lifecycle including storage, transit and use. This has been a tricky area for organisations to solve and has led to some significant breaches lately.In this episode we discover some challenging scenarios when we try to implement secrets management across an organisation and discuss methods to deal with them.Guest Intro: Ankit KhasgiwaleLinkedIn: @ankitAnkit is Director of Product Security at Unacademy. He has over 16 years of experience in penetration testing, threat...
2023-02-0952 min
Breakpoint Security PodcastSecrets Management | Episode Teaser Secrets management talks about the ways and methods of managing application secrets securely all through their lifecycle including storage, transit and use. This has been a tricky area for organisations to solve and has led to some significant breaches lately.Episode RELEASE DATE: 09th Feb, 2023Guest Intro: Ankit KhasgiwaleAnkit is Director of Product Security at Unacademy. He has over 16 years of experience in penetration testing, threat modelling, code reviews, DevSecOps and cloud security. At Unacademy, Ankit started the Product Security vertical from ground up which included s...
2023-02-0702 min
Breakpoint Security PodcastSecuring your Security Product | ResourcesGuest- Syed Shahrukh AhmadCo-founder BeVigil, CloudSEKSyed LinkedInBeVigil Mobile Application Security Recommended reading/viewing, Paper(on this topic) for practitionersEngineering tech blogs of major internet companies - Netflix, Spotify, Github, Google etc.Podcasts - Smashing Security, The Cloudcast, Malicious Life, and The Changelog AWS Security guides, HackerNews feed, always watching for open-source innovative security automation projects - for the constant inspiration, Research papers around mobile app security, privacy and AI targeted to flag internet security concerns.Mobile security - OWASP MSTGIf you like to see mo...
2023-01-2704 min
Breakpoint Security PodcastSecuring your Security Product | Sharukh AhmadTopic: Securing Your Security ProductWe start the season with Security Products. In this episode we look into the tricky areas when building Security products and how to address Security for those. We see how the perspective changes when we use the Security and developer lens and what to do about it. Also we dive into practical approaches to take for Security in the long run, which goes much beyond pen testing and/or bug bounty and brings about a robust defensive mindset.Guest: Syed Shahrukh Ahmad Co-founder BeVigil, SVigil @ CloudSEKHe...
2023-01-2651 min
Breakpoint Security PodcastSecuring your Security Product | Episode TeaserStay tuned for our first guest- Syed Shahrukh Ahmad, Co-founder BeVigil, CloudSEKIf you like to see more like this, please Subscribe to Breakpoint Youtube! Please Share with others in the community. It always means a lot! Follow us on LinkedIn: @breakpoint-security-podcastAudio on Buzzsprout: https://breakpoint.buzzsprout.com Buzz me on Twitter or LinkedIn Connect with me on - Twitter: @NeeluTripathy LinkedIn: @neelutripathy
2023-01-2502 minBreakpoint Security PodcastBr3akp0int TeaserDefensive Security: Although this forms the bulk of Information security, it is not talked about enough. Join me in the br3akp0int Security Podcast, where we go to depths and understand what the best Security teams do to operationalise excellent Security engineering practices across organisations and how do they really optimize for scale. If you like to see more like this, please Subscribe to Breakpoint Youtube! Please Share with others in the community. It always means a lot! Follow us on LinkedIn: @b...
2023-01-2100 min
Stories of Infosec Journeys - Indian EditionStories of Infosec Journeys - In conversation with Neelu TripathyNeelu works as Security Practice Lead with ThoughtWorks India. Her array of experience spans across Vulnerability Assessments and Penetration Tests of Web Applications & Network along-with Red Team engagements, Source Code Reviews, Threat Modelling and Design Reviews of web applications & APIs, Data Leakage Investigations, Configuration reviews, Social Engineering engagements, etc.
She has been a trainer at BlackHat US, organized ReconVillage at Defcon & Social Engineering Village at Nullcon. Currently in the Review Panel for NullCon. She has been actively involved with the Indian security Community and have moderated Null Mumbai and Bengaluru chapters.
You can find her...
2021-06-2420 min