Down the Security Rabbithole Podcast (DtSR)
This is Cybersecurity's premier podcast. Running strong since 2011 Rafal Los, James Jardine, and Jim Tiller bring a no-nonsense, non-commercial approach to our profession. DtSR brings interviews and discussion with people you want to meet, and stories you have to hear. So whether you're just starting out, or are decades deep into your career, you'll always learn something on this show.
On Twitter/X: https://twitter.com/@DtSR_Podcast
On YouTube: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
On LinkedIn: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
Episodes
734 episodes
DtSR Episode 697 - The Precarious Evolution of the CISO Role
TL;DR: On this episode of the pod, G. Mark Hardy joins Jim, James, and Rafal to talk about the precarious evolution of the role of the CISO. We even delve into the definition and...
•
Season 16
•
Episode 697
•
43:42
DtSR Episode 696 - Zero Trust CyberSecurity Shenanigans
TL;DR: This week's podcast is live'ish from Zero Trust World 2026, put on by ThreatLocker. It's a lively conversation with their
•
Season 16
•
Episode 696
•
25:22
DtSR Episode 695 - Cyber Is Headed for a Market Meltdown
TL;DR: Is cybersecurity headed for a market meltdown? Are we watching the bubble pop? Patrick Dennis joins Rafal to give some observations, analyze and provide guidance on wh...
•
Season 16
•
Episode 695
•
50:16
DtSR Episode 694 - Seasonal Martyrdom and Cyber Burnout
TL;DR: We've all experienced it - either you're the one, or you know someone, who works themselves to death. Whether it's "part of the job" or part of the job - it always leads to the same end.
•
Season 16
•
Episode 694
•
45:43
DtSR Episode 693 - The Most Important AI Conversation
TL;DR: This is one of the most relevant AI conversations, in the moment. Gadi Evron joins me to talk about how AI is not just changing everything, but how it's actually going to i...
•
Season 16
•
Episode 693
•
59:38
DtSR Episode 692 - Ran Nahmias the Perpetual Entrepreneur
TL;DR: What's it like to be an entrepreneur your entire career? Always trying something new, always doing something different? Ask Ran Nahmias, someone who's been around long eno...
•
Season 16
•
Episode 692
•
38:36
DtSR Episode 691 - How to Make External Security Testing Useless
TL;DR: Today, Julian Brownlow Davies rejoins the pod (Ep 688) to continue the conversation about 3rd party external security testing. It's strong opinions and tales of woe all around.Episode 688:
•
Season 16
•
Episode 691
•
38:41
DtSR Episode 690 - Defenders of the Internet Pipes
TL;DR: This week's guest is Matt Carothers who works at a major Internet provider. We talk about defending, strategy, and some of the interesting topics that come with the job. ...
•
Season 16
•
Episode 690
•
44:02
DtSR Episode 689 - Off the Rails - Social Media is Evil
TL;DR: Social media is corrupting our kids, radicalizing your neighbors, and being basically evil with no checks. This episode is an "off the rails" discussion on a not-so-clearly Cyber Security topic, with us diving deep and gettin...
•
Season 16
•
Episode 689
•
51:31
DtSR Episode 688 - Looking for Meaning in the Signal
TL;DR: Grab your favorite note-taking thing, this week's pod features Julian Brownlow Davies of BugCrowd and it's chock full of things you'll want to look up. We tackle...
•
Season 16
•
Episode 688
•
43:37
DtSR Episode 687 - Dan Geers Wisdom from 2014
TL;DR: This week's episode is a special one. I (Rafal) revisit episode 100 with the one and only Dan Geer. Some shows are "in the moment", some are timeless. This show is timeless. Dan's wisdom and insights are as applicable today a...
•
Season 16
•
Episode 687
•
1:02:03
DtSR Episode 686 - An Unexpected Windows XP Conversation
TL;DR: On today's pod, Rob Allen of ThreatLocker makes his triumphant return to derail us straight into a conversation about legacy systems and why he's still supporting Win...
•
Season 16
•
Episode 686
•
49:30
DtSR Episode 685 - Weaponized AI is Real Now What Pt 1
TL;DR: In part 1 of 2, Gadi Evron joins the show and chats with Jim and Rafal on the topic of the "AI Cataclysm". What does that even mean? Listen in - but it's part to do with how AI is changing the attacker model (level of effort,...
•
Season 16
•
Episode 685
•
37:33
DtSR Episode 684 - AI Agents Gone Rogue
TL;DR: This week's show features Aaron Costello, and is all about an analog from real-world attacks on humans, applied to AI "agents". I know what you're thinking - computers are supposed to be more difficult to trick, right? Right....
•
Season 16
•
Episode 684
•
50:04
DtSR Episode 683 - Sometimes You Have to Step Away
TL;DR: On this episode, it's just Jim and Rafal talking about how sometimes you just need to take a big step back from your day job and touch some grass. Our chosen profession is, demanding, to say the least. So let's take a minute ...
•
Season 16
•
Episode 683
•
37:37
DtSR Episode 682 - A Third Opinion on Vulnerability Ranking
TL;DR: This week's pod features a conversation with the Jay Jacobs, whom had previously been on the show talking about this very topic (vulnerability ranking/scorin...
•
Season 16
•
Episode 682
•
48:48
DtSR Episode 681 - AppSec Whack-a-Mole
TL;DR: John Rafal & Jim as we welcome Dustin Lehr to talk about the state of AppSec and how we got here. We discuss vulnerabilities, accountability, culture, and a host of other t...
•
Season 16
•
Episode 681
•
49:14
DtSR Episode 680 - Debating Patching and Vulnerability Scoring
TL;DR: We heard RSnake's take on CVSS and CVEs and such, now let's hear B...
•
Season 16
•
Episode 680
•
55:57
DtSR Episode 679 - Wasting Time Patching
TL;DR: Patching. Your least favorite thing. Well, it turns out that most of the work we have been doing in the last 20+ years has been for nothing. Robert "RSnake" Hansen's th...
•
Season 16
•
Episode 679
•
55:29
DtSR Episode 678 - CyberSecurity Has Lost the Plot
TL;DR: This week's pod features your favorite hosts reflecting on how security has lost its way. When everything is a catastrophe, nothing is. When every breach is world-ending, none of them matter. Have we completely lost the plot? Prep...
•
Season 16
•
Episode 678
•
44:32
DtSR Episode 677 - Is Cyber Insurance the Answer or A Question
TL;DR: On this week's pod - Sean Scranton and Shawn Tuma make a return appearance to talk about Cyber (Security) ...
•
Season 16
•
Episode 677
•
48:25
DtSR Episode 676 - Privacy and Healthcare Data at Crossroads
TL;DR: This week's pod is all about healthcare-related data that is bought and sold the world over - and how you this data can be utilized while still preserving privacy. In this mind-blowing segment,
•
Season 16
•
Episode 676
•
43:58
DtSR Episode 675 - Trey Ford on the Mind of CISOs
TL;DR: If you've ever wondered what goes through the mind of a top-tier CISO, wonder no longer. This week's episode features Trey Ford talking a little nostalgia, and a little of w...
•
Season 16
•
Episode 675
•
46:16
DtSR Episode 674 - 3rd Party Risk is a Mess
TL;DR: Let's talk, err, lament, Third Party Risk programs. Who has time for these, and is there any real value in identifying 3rd party risks? Or is it just all theater for the lawyers?
•
Season 16
•
Episode 674
•
44:56
DtSR Episode 673 - Crash Out to Cash Out
TL;DR: This week's episode is what happens when I go on vacation and have a little time to think. So here we go - let's talk about this Jaguar Land Rover was compromised and ransomware spread. The damage has been 'extensive' t...
•
Season 16
•
Episode 673
•
43:13