OWASP Top 10, Vibe Coding, and What Developers Miss w/ Tanya Janca

Prompt Injection Might Never Be Solved w/ Paul Vann

In this episode of Secure Disclosure, host Matt sits down with Paul Van, CEO and founder of Validia, to explore the frontier of AI security. Instead of focusing on how bad actors use AI tools, they dive deep into how to protect the AI models themselves from the inside out. From the unsolvable nature of prompt injections and the rise of distillation attacks to the reality of a "machine vs. machine" security landscape, Paul breaks down why traditional firewalls fail and how a model's behavioral "trauma response" might just be the key to defending LLMs. 🛡️ Support Our Sponsor:Stay Secure with Aikido security at https://aikido.dev [https://aikido.dev]

AI Broke the Security Ecosystem w/ Chris Hughes

In this episode of The Secure Disclosure, host sits down with Chris Hughes founder of Resilient Cyber, CISA Cyber Innovation Fellow, and a leading voice in cybersecurity. We dive deep into the chaotic and rapidly shifting landscape of software supply chain security, the sudden operational struggles of the National Vulnerability Database (NVD), and how AI is completely rewriting the rules of vulnerability management. From the technical and social engineering risks plaguing open-source software to the "human-in-the-loop" delusion, Chris shares his honest, unfiltered takes on where the industry is heading and why things will likely get worse before they get better. The episode wraps up with a chaotic round of "Would You Rather," forcing Chris to choose between missing firewalls, permanent vulnerability freezes, and total AI "vibe coding."

PostHog is placing a wild bet on AI Coding w/ James Hawkins

In this episode of Secure Disclosure, James Hawkins, the co-founder and co-CEO of PostHog, dives into the "radical transparency" that turned a pivoted startup into a billion-dollar open-source powerhouse. James shares his unfiltered thoughts on why most B2B software pricing is a scam, why "collaboration" is often just a form of procrastination, and how AI is fundamentally changing the role of the engineer from a code-writer to a product-architect.The conversation gets spicy as they discuss the security risks of open-source software in the age of AI, the controversy surrounding "vibe coding," and PostHog’s ambitious bet on a future where you might code via Slack, or even a phone call.

AI Panic is Driving Shadow IT w/ Noora Ahmed-Moshe

In this episode, we sit down with tech veteran and behavioral science enthusiast Noora Ahmed-Moshe to tackle the growing phenomenon of Shadow AI. As employees scramble to stay relevant in an AI-driven world, many are turning to unsanctioned tools, and bringing sensitive company data with them. Noora explains why "banning" these tools is a losing game and how organizations can bridge the gap between security and productivity. We dive into the "human layer" of cybersecurity, the million-dollar risk of AI note-takers, and how fostering psychological safety is the ultimate defense against the next big breach.

When AI Agents Change their Intent w/ Frank Vukovits

AI agents are transforming cybersecurity, from how access is granted to how attacks unfold. Frank Vukovitz (Delinea) joins Secure Disclosure to unpack the rise of non-human identities, the risks of autonomous agents, and why concepts like least privilege, identity lifecycle management, and continuous monitoring are more critical than ever. The big question: will AI ultimately make us more secure, or less?