Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On this episode of The Cybersecurity Defenders Podcast we speak with Erik Bloch, VP of Security at Illumio, about better tools to combat burnout rate and discuss the reality of AI in security. Erik Bloch has 30+ years of information and cyber security experience, both as an IC and as a leader of teams. “People first” has always been his approach. He has led entire security and IT functions at smaller companies, and been the CISOs leading big teams at larger orgs.

PCI compliance has never been about passing a single audit and forgetting about it until next year. In our recent PCI DSS 4.0 session, author Branden R. Williams explained why point-in-time assessments create a false sense of security. Passing a compliance report doesn't mean you'll still be compliant two days later if something changes. Configuration drift happens. Systems change. Sometimes it's accidental. Other times, organizations deliberately configure things to pass an assessment, then revert to their old ways afterward.

Swarms of AI bots are now being used to continuously test security perimeters. In this episode, Michael Baker, VP and Global CISO at DXC Technology, discusses the shift to AI-driven security operations. He recently met with startups working on agentic pentesting to find vulnerabilities before bad guys do. The advantage? You control these bots and get immediate feedback. The threat? Adversaries are building the exact same capabilities right now.

On this episode of The Cybersecurity Defenders Podcast we speak with Michael Baker, VP, Global Chief Information Security Officer at DXC Technology, about his optimistic outlook on the impact of AI in cybersecurity.

Threat actors have moved beyond using AI to speed up operations. They're now embedding large language models directly into malware. In this Intel Chat, Matt Bromiley and Chris Luft discuss Google's Threat Intelligence Group findings on malware families like PromptFlux and PromptSteal. These threats query LLMs mid-execution to dynamically alter behavior, obfuscate code, and generate system commands on demand.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows.

Defender Fridays - Building human-centric SOCs in the age of AI automation with Alec Fenton Join us for this week's Defender Fridays as we explore the evolution of security operations and AI's role in empowering analysts with Alec Fenton, VP Security Operations at Foresite Cybersecurity. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

PCI DSS 4.0 represents a significant change in how organizations and service providers approach compliance. It is more than an update to requirements. It is a philosophical shift that emphasizes continuous, risk-based security instead of point-in-time validation. In this joint session, LimaCharlie, ControlCase, and author Branden R. Williams explore how to navigate this new era of PCI compliance. Branden explains what has changed in PCI DSS 4.0, why those changes were made, and how they reflect a new mindset toward continuous assurance and flexibility.

The AI arms race in deepfake detection has a critical problem: the technology can't keep up. In this episode, Navroop Mitter, CEO of ArmorText, discusses why the industry is shifting away from relying on AI detection alone. A recent study from SKKU in South Korea found that zero out of sixteen top deepfake detection technologies could reliably identify deepfakes in real-world conditions. They worked fine in controlled lab settings, but failed when it mattered most.

On this episode of The Cybersecurity Defenders Podcast we speak with Navroop Mitter, CEO of ArmorText, about the role of Out-of-Band (OOB) communication in cyber incident response. Navroop Mitter is the CEO of ArmorText, a mobile security and privacy company based in the Washington, D.C. area.