Free Daily Podcast Summary
Safe Mode Podcast: Daily Summaries Delivered
by Safe Mode Podcast
Podcast by Safe Mode Podcast
Latest Episodes
The most recent episodes — sign up to get AI-powered summaries of each one.
- Yesterday40 min
Zero days, zero order: The chaos reshaping vulnerability disclosure
The rules of responsible disclosure were written for a different era — one where humans found bugs, humans reported them, and 90 days felt like plenty of time to patch. That era is over. In this episode, Greg sits down with Gal Elbaz, co-founder and CTO of Oligo Security, to unpack how AI-assisted vulnerability research is breaking the frameworks the security industry has relied on for decades. From MITRE admitting it can no longer keep up with the volume of CVE reports, to Linus Torvalds saying the same about the Linux kernel, the cracks in the system are impossible to ignore. Gal draws on his years as a hands-on researcher at Check Point — and his current work leading Oligo's research team — to offer perspective from both sides of the disclosure table. He and Greg dig into the Microsoft controversy, the tension between researcher leverage and community responsibility, and why the Spider-Man rule applies more than ever to the security research community right now. They also tackle the big questions: Should disclosure timelines be based on exploitability rather than a fixed number of days? Who owns the decision to accelerate a disclosure? And is it time to throw out CVSS scores and build something new? Gal's bottom line: the noise needs to be cut, the critical bugs need better definition, and both vendors and researchers need to get back to the table — as humans. For our reporter chat, Greg talked with Derek Johnson about the reaction to the Trump administration's fight with Anthropic.
- 1 weeks ago33 min
Why the autonomous SOC Is the wrong goal
On this week's episode, we're joined by Mike Nichols, General Manager of Security at Elastic, fresh off the Gartner Security and Risk Summit in the D.C. area, where AI dominated every conversation on the conference floor. Mike walks us through what CISOs are actually asking about, what a real agentic SOC looks like in practice, and why keeping humans on the loop is the key philosophical distinction that separates a thoughtful AI implementation from a reckless one. The conversation covers "tribal knowledge," shadow AI, prompt injection, model sovereignty, and the exploding attack surface that AI agents themselves create, with Mike making the case that AI adoption is a dial and not a switch, and that transparency, explainability, and a healthy dose of skepticism are the foundation of building trust that actually sticks.
- 2 weeks ago35 min
The last layer standing
What happens when an "assume breach" scenario turns into a total corporate wipeout? In this episode of Safe Mode, host Greg welcomes Brandon Willitts, Director of Cyber Resilience at Everpure, to pull back the curtain on a devastating "malwareless" attack that deleted over 80,000 endpoints at a Fortune 100 company. When adversaries exploit valid credentials to compromise the entire identity plane, your own endpoint management tools can be weaponized against you. Brandon breaks down how separating the storage layer from the identity blast radius—and leveraging immutable snapshot technology—allowed a non-technical engineer to jumpstart a full recovery in just days rather than months. In our reporter chat, Greg talks with Derek Johnson about all the AI security news that has happened over the past week.
- 3 weeks ago37 min
From Two Weeks to Three Days: The KEV Deadline Debate
Drawing on his experience from his time in government working directly on CISA’s Known Exploited Vulnerabilities (KEV) catalog, Todd Beardsley, VP of Security Research at runZero, explains what it actually took behind the scenes to get a vulnerability added: verifying that real exploitation occurred, confirming the incident mattered to federal interests (including state/local governments, critical infrastructure, or allied nations), and ensuring there was a concrete remediation option before publishing. He walks Greg through how those judgments tied back to Binding Operational Directive 22-01 and how deadlines were set and adjusted from the two-week baseline—context that frames the recent trend toward three-day turnaround requirements. From that insider perspective, Beardsley outlines the practical risks of compressing timelines (especially around testing and change-control realities across 100+ civilian agencies) and why ultra-short deadlines can dilute KEV’s value as an “urgency signal,” even as they may push agencies to modernize staffing, automation, and patch processes to respond faster.
- 4 weeks ago38 min
Can specialized security survive Daybreak and Mythos?
In this episode, we sit down with Lior Div, CEO of 7AI, at a moment when the ground is shifting under the entire security industry. With AI lowering the barrier to entry for attackers, supply chain compromises spreading at worm speed, and OpenAI and Anthropic racing to plant their flags in enterprise cyber defense, the pressure on defenders has never been more acute. We push Div on the hard stuff — whether agentic defense actually closes the asymmetry gap or just keeps pace with it, what Mini Shai-Hulud exposes about the blind spots in how we trust software, how the arrival of Daybreak and Glasswing changes the competitive landscape for pure-play security companies, and whether the industry is building toward genuine resilience or just faster reactions to inevitable breaches. Speaking in Mini Shai-Hulud, Greg talks about a whirlwind week of reporting that covered all the security incidents tied to the malware.
- May 14, 202631 min
Why access brokers have stubbornly remained successful
Anna Pham of Huntress joins Safe Mode to discuss the current landscape of initial access brokers and how their tactics continue to support ransomware operations. She explains that attackers are still finding success with drive-by downloads, Trojanized installers, fake browser updates, click-fix attacks, exposed RDP, VPN weaknesses, and vulnerable edge devices. The conversation also covers how access is monetized, what defenders can look for before ransomware deployment, and why limited endpoint visibility often leaves organizations exposed. Fam emphasizes that basic cyber hygiene still matters: close exposed ports, enforce MFA, use complex passwords, apply least privilege, patch systems, and maintain broad visibility across the environment. In our reporter chat, Greg talks with Matt Kapko about the security incident that impacted Canvas.
- May 7, 202628 min
Can you prove which agent did what?
In this week's episode, Greg Otto talks with Howard Ting, CEO of Opal Security, about the growing security challenges created by AI agents inside the enterprise, especially around identity governance, access control, and runtime authorization. As organizations adopt coding agents, workplace assistants, and other AI tools, traditional approaches to managing human access are being pushed beyond their limits by the speed, scale, and context required for agent-driven decisions. The conversation explores the risks of shadow AI, overprivileged agents, unintended data exposure, and the difficulty of enforcing least privilege when agents act on behalf of employees across sensitive systems. It also looks at what CISOs and security teams need to prioritize now, from gaining visibility into agent activity to building policy-aware controls that can make real-time access decisions and safely support AI adoption. In our reporter chat, Greg talks with Derek Johnson about a lawsuit where a dating app stole an influencer's TikTok videos to use in targeted ads to people she knew, all without her consent.
- Apr 30, 202643 min
How government and Industry can raise the cost of cybercrime
Sophos CEO Joe Levy and Director of Government Partnerships Alex Rose join Safe Mode from Washington, D.C. to discuss what meaningful public-private cybersecurity partnership looks like right now—moving beyond “window dressing” to real operational collaboration with agencies like CISA and the FBI. They break down the shift from Secure by Design to Secure by Demand, arguing that procurement and market forces must pressure software vendors to ship safer defaults, while AI simultaneously accelerates both vulnerability discovery and attacker capability. The conversation also spotlights why small and midsize businesses are disproportionately exposed yet often underserved, and previews Sophos’s upcoming CISO Advantage concept to help close the massive cybersecurity leadership gap. Finally, they examine rising open-source software risk—including maintainers being overwhelmed by low-quality AI-generated vulnerability reports—and why addressing OSS security will require coordinated action across government and industry. In our reporter chat, Greg talks with Tim Starks about the oral arguments held at the Supreme Court in relation to a case that deals with the future of geofence warrants.
Customized Recaps
AI-powered recaps with compact key takeaways, quotes, and insights.
Straight to Your Inbox
Get key takeaways from Safe Mode Podcast in a 5-minute read.
Save Hours Every Week
Stay current on your favorite podcasts without falling behind.
Frequently Asked Questions
What is Podzilla's Safe Mode Podcast daily summary?
It's a free AI-powered email that summarizes new episodes of Safe Mode Podcast as soon as they're published. You get the key takeaways, notable quotes, and links & mentions — all in a quick read.
How does the Safe Mode Podcast podcast summary work?
When a new episode drops, our AI transcribes and analyzes it, then generates a personalized summary tailored to your interests and profession. It's delivered to your inbox every morning.
Is this an official Safe Mode Podcast product?
No. Podzilla is an independent service that summarizes publicly available podcast content. We're not affiliated with or endorsed by Safe Mode Podcast.
Can I get summaries of other podcasts too?
Absolutely! The free plan covers up to 3 podcasts. Upgrade to Pro for 15, or Premium for 50. Browse our full catalog at /podcasts.
How often does Safe Mode Podcast release new episodes?
Safe Mode Podcast publishes weekly. Our AI generates a summary within hours of each new episode.
What topics does Safe Mode Podcast cover?
Safe Mode Podcast covers topics including News. Our AI identifies the specific themes in each episode and highlights what matters most to you.
Start getting Safe Mode Podcast summaries tomorrow morning.
Free forever for up to 3 podcasts. No credit card required.
Free forever for up to 3 podcasts. No credit card required.