Full Story, RSAC 2025
Editor
Fixing the Detection Disconnect and Rethinking ...

Fred Wilmot and Sebastien Tricaud challenge traditional detection models by introducing a faster, behavior-based approach that continuously generates and validates detections tailored to real-world threats. If you’re tired of optimizing broken processes and want to hear how teams can actually stay ahead of adversaries, this conversation is for you.

RSAC 2025
Editor
From Tools to Trust: Why Integration Beats ...

In this episode, Vivin Sathyan, Senior Technology Evangelist at ManageEngine, shares how contextual integration across IT management tools is reshaping how organizations respond to threats, align with business goals, and deliver measurable value. He also explains why thoughtful AI adoption, role-specific functionality, and global proximity to customers are essential to building trust and delivering results.

Full Story, RSAC 2025
Editor
From Red Teams to Real Impact: Bringing ...

Charles Henderson of Coalfire shares how cybersecurity programs can become more impactful by moving beyond tactical testing and toward coordinated, threat-driven operations that tell a complete story—from red teaming to executive reporting. He also reflects on the human side of the industry, from musical creativity to hacker culture, and why nurturing talent is key to long-term success.

RSAC 2025
Editor
Simplifying Cybersecurity Operations at Scale: ...

Stellar Cyber’s Subo Guha outlines how their open XDR platform and new autonomous SOC features are making enterprise-grade cybersecurity achievable for MSSPs and the organizations they support. By combining flexible integrations, case-based alerting, and hyper automation, Stellar Cyber is redefining how security operations can scale without overwhelming human teams.

RSAC 2025
Editor
Not So Contained: When Container Isolation Is ...

Containerization transformed development speed—but at what cost to security? In this episode, Emily Long, co-founder and CEO of Edera, explains how rethinking infrastructure from the kernel up is making true container isolation possible without sacrificing developer velocity or platform flexibility.

Anticipating The Next Decade of Bot-Enabled Threats | Exploring 10 Years of Imperva Bad Bot Reports | An Imperva Story With Karl Triebes

A Their Story conversation with Sean Martin, Marco Ciappelli, and Imperva

Advanced bots are becoming increasingly difficult to detect and defend against, leaving organizations vulnerable to attacks that can compromise sensitive data and personal information of customers. In this blog post, we explore key measures that organizations can take to protect themselves against bot attacks, including implementing an API security strategy, adopting a layered security approach, utilizing effective technologies like AI, and implementing best practices.

The Fog of More, the Risk of Cybersecurity Commoditization, and the Race to the Bottom | A Their Story Conversation from RSA Conference 2023 | A Schellman Story with Michael Parisi

Their Story conversation with Sean Martin and Michael Parisi from Schellman

Michael Parisi and Sean Martin discuss the challenges of compliance, cybersecurity, and the risk of commoditization. They explore the role of stakeholders and the need for education among non-technical individuals to prevent a race to the bottom in cybersecurity.

Stronger Together: The Power of Relationships in Defending the Digital Lives of Executives | A Their Story Conversation from RSA Conference 2023 | A BlackCloak Story with Chris Pierson

Their Story conversation with Sean Martin, Marco Ciappelli, and BlackCloak CEO and founder, Chris Pierson.

Digital executive protection has become top of mind for many cybersecurity leaders and their business owners. Chris Pierson, the founder of BlackCloak, discusses relationships and human empathy in cybersecurity with Marco Ciappelli and Sean Martin as he unveils BlackCloak's innovative new CISO Protection Dashboard.

How AI and NLP are Transforming Third Party Risk Assessment | A Their Story Conversation from RSA Conference 2023 | A VISO TRUST Story with Paul Valente and Russell Sherman

Their Story conversation with Sean Martin and Paul Valente and Russell Sherman from VISO TRUST

Explore the innovative approach to third-party cyber risk assessments with Paul Valente and Russell Sherman, as they share their journey of creating a cutting-edge platform that revolutionizes the traditional process, using AI and NLP to save time, reduce friction, and build trust.

,

Protecting Data in a Post-Modern World: The Evolving World of APIs, Regulations, and Advanced Technology | Imperva Stories From RSA Conference 2023 with Pam Murphy (CEO) and Kunal Anand (CTO and CISO)

,

A pair of Their Story conversation with Sean Martin and Imperva executives, Pam Murphy (CEO) and Kunal Anand (CTO and CISO).

In an increasingly interconnected world where information is critical to business success, organizations face numerous challenges and threats to their data. From the growing prevalence of APIs and shadow APIs, to navigating the ever-evolving regulatory landscape, organizations must stay abreast of the latest developments in cybersecurity. As technology continues to advance, incorporating AI-driven solutions and modernizing security frameworks becomes crucial in order to protect valuable information.

Balancing their responsibilities, CEOs, CTOs and CISOs must communicated and collaborate to carefully assess their risk management and security solutions based on time to value and total cost of ownership. By leveraging the expertise of security enablers like Imperva, businesses can successfully navigate the postmodern paradigm shift in cybersecurity and secure their digital assets in a rapidly changing landscape.

Join is for two conversations that will make you think differently about how you protect your data at every turn, in every form, and every location.

Maximizing Security in Hybrid Active Directory Environments | A Their Story Conversation from RSA Conference 2023 | A Quest Story with Sergey Medved and Matthew Vinton

Their Story conversation with Sean Martin and Matthew Vinton and Sergey Medved from Quest

In this Their Story conversation Matthew Vinton and Sergey Medved from Quest discuss the challenges that organizations face in securing Active Directory (AD), covering the importance of keeping on top of legacy AD systems.

The Five Pillars of CyberSecurity: Preparing for Continuous Compliance | A Their Story Conversation from RSA Conference 2023 | A VigiTrust Story With Mathieu Gorge

Their Story conversation with Sean Martin and CEO at VigiTrust

Mathieu Gorge discusses GRC software and the VigiOne tool that enables continuous compliance. He shares his thoughts on cybersecurity risk and his Five Pillars of Security framework. Gorge also talks about the VigiTrust Global Advisory Board, a think-tank that brings together people from all over the world to discuss topics such as cybersecurity risk and critical infrastructure protection.

The Past of the Future: Pioneering Decryption with AI and Quantum Physics | A Their Story Conversation from RSA Conference 2023 | A SandboxAQ Story with Clément Jeanjean

Their Story conversation with Sean Martin, Marco Ciappelli, and Clément Jeanjean, Senior Director at SandboxAQ

Clément Jeanjean shares how SandboxAQ aims to tackle difficult problems by combining quantum physics and. He discusses the timeline, risks, and migration challenges linked to quantum computing's arrival.

It’s Difficult to Secure the Invisible: Reinventing Asset Management for Modern Challenges in IT, IoT, and OT | A RunZero Story with Huxley Barbee

Their Story conversation with Sean Martin, Marco Ciappelli, and Huxley Barbee, Security Evangelist at RunZero

In this Their Story podcast on ITSPmagazine, Huxley Barbee emphasizes the importance of comprehensive asset inventory in prioritizing security efforts. The discussion covers RunZero's approach to asset management, highlighting the role of visibility in addressing security challenges and improving business decision-making.

The Mainframe Advantage: Robust Security Meets Infrastructure Modernization | A Rocket Software and KRI Security Story with Phil Buckellew and Cynthia Overby

Their Story Conversation With Sean Martin, Marco Ciappelli, Rocket Software’s Phil Buckellew, And KRI Security’s Cynthia Overby

Explore the value of mainframes and the role of cybersecurity in advanced, critical operating environments. Join Sean Martin, Phil Buckellew, and Cynthia Overby to learn how businesses can modernize and secure mainframe infrastructures for business innovation and resiliency.

Don't miss out – listen now!

Robotic Waterway Crusaders | Harnessing Autonomous Tech to Tackle Waterway Pollution | A Ranmarine WasteShark Story with Alistair Longman

Their Story conversation with Sean Martin, Marco Ciappelli, and Alistair Longman, CTO and Chief Product Officer, Ranmarine Technology

Discover how Ranmarine Technology's WasteSharks are revolutionizing water cleanup using autonomous robots inspired by whale sharks, the world’s largest fish. Dive into this captivating podcast episode and explore the impact of their technology on the environment and the future of waste management.

Safeguarding the C-Suite | Pioneering the Future of the Executive Digital Protection Revolution | A BlackCloak Story from RSA Conference 2023 with Chris Pierson and Daniel Floyd

Their Story conversation with Sean Martin, Marco Ciappelli, and BlackCloak CEO and founder, Chris Pierson, and CISO, Daniel Floyd.

Dive into the world of executive cybersecurity with BlackCloak, the ultimate protector of personal and corporate digital realms. Discover how their innovative solutions are transforming the cybersecurity landscape and securing the future for executives, high-profile individuals, and their families.

The Impact Of Log4j Since Its Disclosure | Steps Businesses Can Take To Maintain Software Supply Chain Security | An Imperva Story With Gabi Stapel And Peter Klimek

A Their Story conversation with Sean Martin, Marco Ciappelli, and Imperva

The December 2021 log4j vulnerability was a major event in the cybersecurity world. When it was released and exposed to the internet, it caused an explosion in attacks with five and a half million attacks per day and up to 25,000 sites attacked per hour.

The vulnerability affects any system running that version of Java lookup and could be at risk, even if it is only exposed internally to insiders. The attackers initially used scanning and checking to see which sites were vulnerable, and then it was automated. Attack tools were created to make it easier for attackers to reach as many targets as possible.

Public awareness campaigns have been effective, but vulnerabilities can reappear due to the prevalence of the software. 72% of organizations still had some level of vulnerability to log4j as of October 2022.

Why Protecting Your Business Data Is More Like Securing A Museum Than A Bank | Demystifying Data Protection | An Imperva Story With Terry Ray

A Their Story conversation with Sean Martin, Marco Ciappelli, and Imperva

Data is dynamic. Data is unique. It's critical for businesses to maintain data security and integrity by treating it differently based on what it is, what it's for, who is accessing it, how it's being used, and the overall context surrounding these things.

Join us for a conversation with Terry Ray, SVP Data Security GTM, Field CTO, and Imperva Fellow, as we demystify data protection.

Why Privacy Compliance Is A Challenge For Many Organizations | Prepare To Meet Varying Compliance Requirements | An Imperva Story With Kate Barecchia

A Their Story conversation with Sean Martin, Marco Ciappelli, and Imperva

Over 100+ countries and counting (along with a growing number is U.S. states) have enacted data privacy legislation, creating a super-complex global data privacy landscape. Unless, of course, you approach the situation with a different mindset.

Join us to explore the relationship between privacy, security, compliance, and ethics as organizations try to find the perfect balance in data creation, collection, storage, usage, and collaboration.

Don’t worry, we’ll set the record straight for the differences between the “DPO” and the “DPO” … as well as the participation and responsibilities of security, privacy, engineering, legal, compliance, and more.

DDoS: An Old Problem Taking On New Forms As Attack Vectors Evolve | Exploring The Imperva DDoS Threat Landscape Report | An Imperva Story With David Elmaleh

A Their Story conversation with Sean Martin, Marco Ciappelli, and Imperva

The “waves” of ransom-driven DDoS — Distributed Denial of Service — attacks continue to come as the attack vectors, techniques, and targets continue to evolve. Where does this leave us? Let's look to the DDoS Threat Landscape Report from Imperva to glean some answers.

As we connect with David Elmaleh, during this episode, we quickly realize there is a lot to catch up on — past, present and future — for what appears to be a never-ending problem in DDoS. Attacks seems to be be repeatedly targeting the same victims and are coming more quickly and running for shorter periods. Don't be fooled, however, the financial impact due to the unplanned and seemingly-uncontrolled downtime is wreaking havoc on industries and organizations all around the globe.

In addition to leveraging new techniques, bad actors are also using advanced technologies — artificial intelligence, the Internet of Things (IoT), and 5G to name but a few — to do their dirty deeds. They are investing in these technologies to help them scale their operations to reach more targets with fewer resources. On the other side of this coin, the bad actors' deep understanding of these technologies and the new, modern architectures and infrastructures that companies are building with them, makes them prime targets as well. The expanded business capabilities using these advanced technologies equate to expanded attack surface for the DDoS slingers to target.

We cover a lot from the first 2 quarters of this quarterly report while also getting to hear what some real-world cases from Imperva customers sound and look like.

It's time we found a way to handle these distributed attacks. Have a listen to hear what your business can do to mitigate this risk.

Automated Security Validation With Red Team Penetration Testing Software | There Is A Silver Lining | A Pentera Podcast Story With Aviv Cohen

A Their Story conversation with Sean Martin, Marco Ciappelli, and Pentera’s CMO, Aviv Cohen

This is a story that begins with the journey of Arik Liberzon, the founder and CTO and head of the R&D and product teams at Pentera. Arik was the head of the red team for the Israeli Defense Forces, chartered with pentesting — or red teaming — all of the strategic assets against nation state levels of threats. He did so with a great number of people, just like you would expect to do with an enterprise level red teaming program, tapping into a wealth of ethical hackers and red teamers. But he also had another part of his brain, which was all about software.

This story, and the broader capabilities, mission, and vision for the future at Pentera, was told to us by Aviv Cohen, Pentera's Chief Marketing Officer. Connecting the human element to software and operations, the team at Pentera believe it's important to have a human view for the challenges organizations face when managing their security programs. This is why Pentera created a series of cyber cartoons that are specialized to represent cybersecurity life. The cartoons connect the life of cybersecurity personnel and their role in society. This is a way for us to laugh, adding some humor to reality, connecting the technology products and services that we provide to this reality.

The software-enabled red team army is here and ready to join your team. Have a listen and connect with the team at Pentera to begin and continue your own red team journey.

Pentesting Done Right | It's Time To Re-Imagine You Penetration Testing Program To Achieve Outcomes Over Activity | A Bugcrowd Story With Justin Kestelyn

A Their Story conversation with Sean Martin, Marco Ciappelli, and Bugcrowd

Join us for a conversation with Justin Kestelyn as take a unique journey into the past, present, and future of penetration testing. We get the opportunity to explore the how the role of a pentest has evolved as part of a larger security program, how the tools have involved, how the technique and skills has transformed, and how the human element is still key when outcomes matter more than just showing the results of a scan.

It's time to re-imagine penetration testing. Let's do that together now.

Have a listen.

Diving Deeper Into The Who, What, When, Why, And How Of Breaking Into Cybersecurity | Chapter 2 | A Level Effect Story With Anthony Bendas, Will Nissler, And Sidney Crout

A Their Story conversation with Anthony Bendas, COO at Level Effect, Will Nissler, Infrastructure Lead & Cybersecurity Instructor at Level Effect, and Sidney Crout, CDCP Certified Graduate of Level Effect, Threat Hunter at Confidential.

There are so many questions that come with pursuing a cybersecurity career and education. Listen as we answer many of these questions and discuss how Level Effect sets its students up for success.

We go into detail about who might be a good fit to work in cybersecurity (hint: almost anyone!), what types of information students will need to know and what skills lend themselves to catching on to the learning materials quickly, when it might be a good time to start taking the next step in your education or career process, where you can go now to find resources, and why Level Effect strives to help its students every step of the way if they are willing to put in the work!

This episode also sheds light on the four professionals speaking, and many others, who have taken a similar "non-traditional path" to make their way into successful cybersecurity careers.

Everything Is Driven By Code And Code Is Controlled By APIs: Securing Apps Through Research, Assessments, Scanning, And Training | A Checkmarx Origin Story With Renny Shen And Bryant Schuck

A Their Story conversation with Sean Martin, Marco Ciappelli, and Checkmarx’s Renny Shen and Bryan Schuck.

Application development has become an extremely complex endeavor, with multiple components involved ranging from open source libraries to share cloud services accessed through APIs. The only thing more difficult than building an advanced application is securing it. But it doesn't need to be that way.

This is where Checkmarx comes in. With a focus on application and API security assessments, scanning, and training, DevOps and AppSec teams can work together to reduce the complexity in application development and delivery, ensuring that time-to-market requirements are met alongside functional requirements and security requirements.

Listen in as we get to hear from Renny and Bryant about the origin and journey of Checkmark - past, present, and future.

Stay Tuned on ITSPmagazine Podcasts

Broadcasting Ideas. Connecting Minds. A Modern Innovative Multi-Media Platform.
A Global Space Where Intellectual Exchange Is Encouraged.

Musing On: Technology | Cybersecurity | Society & Culture | Business | Space | Science | Leadership | Environment | Healthcare & Wellness | Storytelling & Storytellers | Artificial Intelligence & Generative AI | Ethics & Philosophy | Policy & Regulations | Hacking | Software Development | Sociology & Psychology | Founders & Start-Ups | Conferences & Events | Mentoring | Creativity | Writing | Space Exploration and Security | Music | Musicians | Musical Instruments | Arts | Brands & Brand Marketing | …

Subscribe to the main ITSPmagazine Podcast Channel to listen to all our conversations directly on your favorite podcast player.

Note: These are links to the General ITSPmagazine Podcast where MOST episodes from our individual Podcast Channels are published. To subscribe to your favorite shows, please visit Our Podcasts Page

If you do not see your favorite player above, open it and search for ITSPmagazine Podcast.