LISTEN NOW ON:

A Synack Podcast Production

On WE’RE IN!, you’ll hear from newsmakers, hackers, big thinkers, innovators and the pioneers around the world doing the hard work to fix today’s cybersecurity crisis. They’ll share their strategies, tactics and solutions for the tough problems and disclose insights from the cutting edge of the industry and across the entire cybersecurity landscape. Subscribe to get new WE’RE IN! Episodes, extra content and updates directly in your inbox. You'll receive a confirmation email in a few moments—be sure to check your "promotions" folder and move it to your "primary" folder.

Subscribe Today  

Show Co-Hosts

Show co-hosts profile pics

@c1ph3rflux

Listen Now:

Episode 18: Jim Manico on Secure Coding, OWASP and Being a Decent Human

Episode 18: Jim Manico on Secure Coding, OWASP and Being a Decent Human

Jim Manico is full of opinions. The founder of Manicode Security has advice on how to use the OWASP Top 10, on secure coding and especially on the OWASP Application Security Verification Standard (ASVS). He has advice for people starting out in security and on what it means to be a decent person. Jim is definitely one of those! He's also an educator, author, investor and entrepreneur. There are so many reasons to listen to this episode. Here are just a few:
  • Hear from one of the leading educators focused on helping developers code securely. 
  • Learn more about all the important projects and initiatives happening at OWASP.
  • Get Jim's perspective on how organizations can best implement DevSecOps. 
Listen to the Podcast
Episode 17: Alex Holden on Russia's Cyber Arsenal, Conti Leaks and Infiltrating Ransomware Gangs 

Episode 17: Alex Holden on Russia's Cyber Arsenal, Conti Leaks and Infiltrating Ransomware Gangs

Alex Holden has a knack for tracking Russian cyber criminals. The Ukrainian-born cybersecurity expert understands what it takes to infiltrate ransomware outfits, learn their secrets and help organizations protect themselves against their tactics. Beyond that, the firm is responsible for detecting some of the biggest breaches in recent history. In this episode, Alex talks about his approach to tracking the world's most notorious criminal hackers, the current cyber threat in Eastern Europe and his own journey from Kyiv to the American midwest. Why you should listen:
  • Get the inside story of how the Conti ransomware gang and other Eastern European cybercrime syndicates operate.
  • Hear about how the current Ukrainian War could shift the cyber threat landscape.
  • Discover how one of the leading threat intelligence researchers uncovered some of the biggest data breaches in history.
Listen to the Podcast

Episode 16: Hacking for Ukraine, supply chain risk and cyber moonshots

Episode 16: Hacking for Ukraine, supply chain risk and cyber moonshots

There's a flood of cybersecurity news as a result of the Ukraine War as well as Washington's recent efforts compelling organizations to report cyberattacks to federal officials. In this episode, Trey Herr and Emma Schroeder of the Atlantic Council’s Cyber Statecraft Initiative break it all down. They explore the consequences of an escalating digital battlefield in Europe, whether a hack could bring NATO into the war and strategies for creating more consensus within the tangled and complicated realm of cyber policy. Why you should listen:

      • Understand what's at stake as cyber warriors do battle on both sides of the the Ukraine War.
      • Learn about some potential consequences of a destructive hack in Europe and whether that could even draw NATO into the war.
      • Hear what Washington is doing to obtain better insights and actionable intelligence that could improve cybersecurity defenses.
Listen to the Podcast

Episode 14: Gabriella Coleman on Anonymous, hacker history and the evolution of infosec

Episode 15: Gabriella Coleman on Anonymous, hacker history and the evolution of infosec

Gabriella Coleman, a Harvard University anthropology professor, describes how she immersed herself in hacker culture and eventually became embedded in the shadowy and mercurial world of Anonymous, the hacktivist collective she chronicled in her 2015 book, "Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous." This is such a fascinating episode that explores the often misunderstood history of hacking and how many in this community went from outside agitators to mainstream security researchers. Why you should listen:
  • Get a better understanding of the history of Anonymous and the role it played in shaping online protests and whistleblowing.
  • Hear about some of the earliest hacking communities such as the free software hackers and efforts to archive their early writings and magazines.
  • Get an anthropological perspective on how hackers have evolved from the fringes of the tech world to among the most influential voices in cybersecurity.
Listen to the Podcast
Episode 14: Nicolas Chaillan takes on the Pentagon, China and TikTok

Episode 14: Micah Hoffman breaks down OSINT, the dark web and beer apps

In this episode, Micah Hoffman talks about his career in Open Source Intelligence (OSINT) and the value it has for investigations, cybersecurity and understanding how information is weaponized. He also gets into strategies for safeguarding personal privacy in the face of increasing digital surveillance. This episode will have you thinking twice about what you post on social media! Why you should listen:
  • Here from one of the leading Open Source Intelligence researchers working today.
  • Learn about the value of OSINT for offensive and defensive cybersecurity.
  • Get a better understanding of all the privacy risks from fitness trackers, apps, shopping online and social media.
Listen to the Podcast
Episode 13: Nicolas Chaillan takes on the Pentagon, China and TikTok

Episode 13: Nicolas Chaillan takes on the Pentagon, China and TikTok

Nicolas Chaillan, former Air Force Chief Software Officer, resigned from the DoD over frustrations with what he called a lack of innovation, collaboration and agility. He gets into those issues and talks about how the U.S. can invest more in technology to compete with China in artificial intelligence and cybersecurity. Why you should listen:
  • Nicolas offers a candid and controversial view of the military's approach to the growing technological threat from China.
  • He outlines his view for a Pentagon that is more agile, collaborative and competitive.
  • Hear from a former DoD insider about some of the institutional barriers that can hinder innovation and software advancements.
Listen to the Podcast
Episode 12: Phillip Wylie on bear wrestling, pentesting and understanding the adversary

Episode 12: Phillip Wylie on bear wrestling, pentesting and understanding the adversary

In this episode, Phillip Wylie talks about his journey from pro wrestling to pentesting and what motivated him to start teaching, mentoring and giving back to the infosec community. It's an inspirational story for veterans in the field and newbies alike. Phillip not only talks about his work helping others get started in ethical hacking, but the value of truly understanding the mind of the adversary. Why you should listen:
  • Phllip's story is both educational and inspirational – worthwhile for anyone interested or involved in cybersecurity.
  • Learn something from one of the most prolific cybersecurity speakers and educators.
  • Get a better understanding of ethical hacking and the value of offensive security testing.
Listen to the Podcast
Episode 11: Kim Zetter on election security, Stuxnet and Substack

Episode 11: Kim Zetter on election security, Stuxnet and Substack

Kim Zetter is a former staff writer at WIRED and author of the seminal cybersecurity book “Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon.” Her work has appeared in The New York Times, POLITICO, The Washington Post and regularly in her Substack newsletter, “Zero Day.” In this episode, Kim talks about her approach to reporting, what sparked her Stuxnet investigation and how the discovery of that malware fundamentally altered our global cybersecurity conversation. Why you should listen:
  • Hear from one of the most influential and knowledgeable journalists writing about cybersecurity today.
  • Get her take on some of the biggest security stories of 2021 such as Colonial Pipeline and the Pegasus Project.
  • Learn more about the key policy debates around election security and critical infrastructure protections.
Listen to the Podcast
Episode 10: Defense Digital Service Acting Director Katie Olson on drones, DEF CON and Hacking the Pentagon

Episode 10: Defense Digital Service Acting Director Katie Olson on drones, DEF CON and Hacking the Pentagon

Defense Digital Service Acting Director Katie Olson heads up a team of about 80 technologists working on some of the toughest challenges facing the U.S. Department of Defense. Since Katie started leading the team, often called the Pentagon’s “SWAT team of nerds," it has increasingly focused on the threat from drones, cybersecurity risks in space and the consequences of climate change. In this episode, Katie talks about this cutting-edge work, how DDS helped the Pentagon reduce the impact of COVID-19 and what big issues her team will tackle next. Why you should listen:
  • Learn about some of the most cutting-edge work going on inside the Pentagon.
  • Better understand emerging threats such as drones and risks associated with climate change.
  • Hear how DDS helped the military rapidly deploy technology to reduce the spread of COVID-19.
Listen to the Podcast
Episode 9: CryptoHarlem founder Matt Mitchell on Hacking for Humanity

Episode 9: CryptoHarlem founder Matt Mitchell on Hacking for Humanity

Earlier this year, the Electronic Frontier Foundation named Matt Mitchell, founder of CryptoHarlem, one of its 2021 Pioneer Award winners for his groundbreaking work to protect Black communities from surveillance. In this episode, Matt talks about what sparked his decision to apply his hacking skills to social justice causes and how that led to his role today as a Technology Fellow for the BUILD program at the Ford Foundation. Matt also discusses what Twitch can do to safeguard creators and the steps anyone can take to better protect themselves online. Why you should listen:
  • Hear from a hacker working on the frontlines of today’s most important racial justice issues.
  • Better understand the state of digital surveillance in Black communities.
  • Hear about what steps platforms such as Twitch can take to better protect creators.
  • Learn the three things everyone online should do to safeguard themselves on the internet.
  • Discover where “Mr. Robot” placed an elusive CryptoHarlem Easter egg.
Listen to the Podcast
Episode 8 - Lifelong Hacker Alyssa Miller Breaks Down Cybersecurity Barriers

Episode 8: Lifelong Hacker Alyssa Miller Breaks Down Cybersecurity Barriers

Alyssa Miller, Business Information Security Officer at S&P Global Ratings and author of the forthcoming book, “Cyber Defenders' Career Guide, is one of the most provocative, unfiltered and interesting voices in the cybersecurity community. She’s essential reading on infosec Twitter and a regular draw at conferences around the world. In this episode, she dives into all sorts of issues in the cybersecurity community, from incoherent job postings to a lack of diversity—she covers it all. Tune in to find out how you can best address these problems and also learn how to reach out of your comfort zone and forge your own path to success.
  • Figure out why most cybersecurity job postings “suck” and how the industry can help fix the issue.
  • Learn how to address key issues that come up during a cybersecurity job hunt.
  • Identify how to maximize opportunities for personal growth and realize your potential in the infosec community.
  • Understand how to be a better ally to underrepresented groups in the cybersecurity community.
  • Hear about the value of diversity and inclusion in cybersecurity.
Listen to the Podcast
Episode 7 - Google Cloud Evangelist Stephanie Wong on “blameless” security culture

Episode 7: Google Cloud Evangelist Stephanie Wong on “blameless” security culture

In this episode, Stephanie Wong, head of Google Cloud Developer Engagement, explores Google’s security culture, why it conducts “blameless” postmortems after security testing and how it’s working to dispel lingering misconceptions about the cloud. She also talks about her journey in Silicon Valley and how her experiences winning pageants such as Miss Asian North America 2020 helped her become one of today’s most visible technology content gurus.
  • Learn how to build an effective cybersecurity culture within your organization.
  • Get the inside scoop on the security precautions that Google takes with its physical data center.
  • Hear about what Google is doing to overcome misperceptions about cloud security.
  • Figure out how to conduct security postmortems the Google way.
  • If you don't know about the "pancake principle," you'll find out why it matters, and how it can work for you.
Listen to the Podcast
Episode 6 - Speaker's profile pics

Episode 6: “It’s so important that we build safeguards against our own frailty.”

In this episode, Cory Doctorow, activist, journalist and author who wrote the influential Little Brother cyberpunk series, gets into some big issues like surveillance capitalism and his work with the Electronic Frontier Foundation. He doesn’t hold anything back.
  • Hear from one of the smartest and most engaged technologists today on how technology can be used both for malicious purposes or for good.
  • Consider how bias can be built into code and have real-world implications.
  • Listen to Cory’s view on tech monopolies and his proposals for reversing their power over users and the internet more broadly.
  • Better understand why independent security research might seem counterintuitive to many people.
  • Hear the author of one most influential cyberpunk series discuss the origins of his latest book, Attack Surface.
Listen to the Podcast
Episode 5 - Speaker's profile pics

Episode 5: “I would nationalize Cloudflare. I would make it a national publicly run utility company.”

In this episode, Nick Merrill, a research fellow at the UC Berkeley Center for Long-Term Cybersecurity, makes a cybersecurity case for nationalizing major CDNs such as Cloudflare, issues some pretty stark warnings about the dangers of machine learning and digs into why stereotypical images of hackers in hoodies doesn’t help anyone. His viewpoints are sobering if not controversial and worth listening to for anyone who cares about the future of the global internet.
  • Get a fresh perspective on some of the biggest risks to the global web: unchecked algorithmic bias, the risk of attacks on massive CDNs and the growing internet fragmentation.
  • Consider some of the boldest ideas from one of the sharpest thinkers when it comes to how policymakers can make fundamental changes to protect the internet.
  • Hear Nick’s take on why art matters in cybersecurity -- and why stereotypical images of hackers in hoodies harm the public’s perceptions of information security.
  • Learn more about Fairness, Accountability and Transparency in Machine Learning and the growing movement to look more critically at the hidden algorithms that control the internet and much of technology today.
  • Consider how ransomware takedowns and other large-scale cyberattacks such as Colonial Pipeline erode public trust in technology.
  • Get a better understanding of why diversity in the cybersecurity industry matters when it comes to identifying real-world threats.
Listen to the Podcast
Episode 4 - Speaker's profile pics

Episode 4: Hacking the Novel: “I’m a technical person, therefore I create.”

Ryan Rutan has worked in tech support, as a computer repairman, application developer, software engineer, entrepreneur and head of community… and most recently, fiction writer. Listen to this episode to hear what inspired Fork This Life, a novel that follows the life of a teenager growing up with the early internet of the 90s who eventually gets into hacking, and how it relates to today’s cybersecurity challenges.
  • Get the inside story of how working in tech support informed Ryan’s career in cybersecurity.
  • Nerd out on nostalgia about the nineties tech scene.
  • Pick up tips for developing your creative voice.
  • Get tips for how you can help spread a culture of good security hygiene.
Listen to the Podcast
Episode 3 - Speaker's profile pics

Episode 3: “Everyone's identity has a place in a discussion about national security.”

In this episode, Lauren Bean Buitta, founder & CEO of Girl Security, discusses the importance of supporting, encouraging and training girls for careers in cybersecurity. She gets into why it's so critical to create — and protect — pathways for young women in order to build a more diverse industry, and why that really matters when it comes to making tough national security decisions that affect the entire population. She also describes her journey into security, and what led her to start Girl Security in the first place.
  • Better understand the value of gender diversity in cybersecurity.
  • Learn how to create trauma-informed programming that builds trust and understanding.
  • Discover how you can help develop new pathways for underrepresented cybersecurity talent.
  • Hear Lauren’s take on how identity can inform security decisions.
Listen to the Podcast
Episode 2 - Speaker's profile pics

Episode 2: “We — as defenders — need to know how to secure APIs.”

In this episode, author, hacker, entrepreneur and content creator Alissa Knight reveals her journey from “bullied computer nerd” to federal cybersecurity contractor to famed car hacker. She gets real about the risk of APIs, offers up some must-hear advice for anyone getting into cybersecurity and delivers candid views about the infosec industry as a whole.
  • Get inside the head of one of the most provocative and interesting cybersecurity influencers today.
  • Hear about her work with federal agencies to help secure the future of transportation.
  • Learn more about the urgent need for better Application Programming Interface (API) security.
  • Get new insights into the growing threat to health care organizations and financial institutions.
  • Hear Alissa’s take on how cybersecurity companies can improve their approach to content and marketing.
Listen to the Podcast
Episode 1 - Speaker's profile pics

Episode 1: “There is no ‘Take down the whole US grid’”

In our first episode, security experts and authors Sarah Freeman and Andy Bochman discuss today’s cyberthreat to utilities, debunk myths about taking down the entire grid and explain just how significantly the 2015 Ukraine power grid hack shifted everyone’s thinking when it comes to protecting critical infrastructure.
  • Hackers are targeting critical infrastructure and there’s an urgent need for smarter cybersecurity defenses to protect Operational Technology
  • Learn three essential practices that every utility operator should deploy to defend against attacks
  • Get the real story about the threat to the grid without the sensational hype. No, there is no such thing as “taking down the whole US grid.”
  • Why this is the “golden age” for cyberattacks.
Listen to the Podcast