Bug Bounties with Joran Honig

Bug Bounties with Joran Honig

Summary In this in-depth interview, Joran Honig, a renowned bug bounty hunter and security researcher, shares insights into finding crazy bugs, the differences between audits and bug bounties, and the role of AI in security workflows. Discover practical tips, mental models, and future trends in Web3 security and bug hunting. Key topics Edge case bugs and how to find them Differences between audits, bug bounties, and contest models The role of AI and automation in security research Tools and workflows for effective bug hunting Responsible disclosure and handling uncooperative projects   Sound Bites "AI can increase duplicates." "Grimoire guides audit tasks." "Flows help map complex code."   Resources Joran Honig X https://x.com/joranhonig Grimoire https://github.com/JoranHonig/grimoire Joran’s website https://joranhonig.nl/

Censorship Resistance with Shayan Eskandari

Summary In this in-depth interview, Shayan Eskandari shares his journey from security expert to privacy innovator, discussing censorship resistance, Web3 security, and the future of decentralized internet infrastructure. Discover how his project MoaV aims to empower users in restrictive environments and explore the role of blockchain in privacy and decentralization.   Soundbites "My belief in information being free drives everything." "My wife’s experience in Iran inspired Moav." "Privacy in blockchain is a complex, layered issue."   Resources The DAO Security Fund: https://qf.giveth.io/project/cyphertalk-podcast:-security-education-for-ethereum?roundId=16 [https://qf.giveth.io/project/cyphertalk-podcast:-security-education-for-ethereum?roundId=16] MoaV https://moav.sh/ [https://moav.sh/]  Shayan’s website https://shayan.es/ [https://shayan.es/] Shayan’s X https://x.com/sbetamc [https://x.com/sbetamc]

The State of Web3 Security with Diogo Patão from rekt.news

Summary This episode features a deep dive into two newly released reports on Web3 security by rekt.news and Oak Security, insights from industry experts, and discussions on the future of blockchain security. We explore recent hacks, the role of AI, and how the community can enhance security practices.   Soundbites "AI is here to help us, not just to attack." "Human attack vectors dominate the security issues." "Diversify your assets and protocols to stay safe."   Links The DAO Security Fund CypherTalk: https://qf.giveth.io/project/cyphertalk-podcast:-security-education-for-ethereum?roundId=16 [https://qf.giveth.io/project/cyphertalk-podcast:-security-education-for-ethereum?roundId=16] Rekt News: https://qf.giveth.io/project/rekt-news-ethereums-security-intelligence-layer?roundId=16 [https://qf.giveth.io/project/rekt-news-ethereums-security-intelligence-layer?roundId=16]   The Reports: Oak Security’s State of Web3 Security: https://research.oaksecurity.io/ [https://research.oaksecurity.io/]  Rekt News’ War Room Report: https://github.com/RektHQ/Reports/blob/main/Rekt_Security_Summit_War_Room_Report.pdf [https://github.com/RektHQ/Reports/blob/main/Rekt_Security_Summit_War_Room_Report.pdf]

Auditing Cryptographic Protocols with Nadim Kobeissi

Summary In this in-depth interview, Nadim Kobeissi shares his extensive experience in cryptography audits, the limitations of formal verification, responsible disclosure practices, and the future of cryptography and security, including post-quantum cryptography and AI's impact on cybersecurity.   Keywords cryptography, security audits, formal verification, post-quantum cryptography, zero-knowledge proofs, responsible disclosure, cryptographic protocols, AI cybersecurity, cryptography research, software security   Key Topics * Cryptography audit process and focus areas * Limitations of formal verification tools * Responsible disclosure methodology * Future threats in cryptography including AI and quantum computing * Educational tools for understanding cryptographic protocols   Sound Bites "Cryptography is about designing systems that are mathematically sound." "Claims of formal verification being bug-free are often exaggerated." "AI will be used to stockpile vulnerabilities and exploits."   Links Nadim’s website: https://nadim.computer/ [https://nadim.computer/] Nadim’s LinkedIn: https://www.linkedin.com/in/nadimkobeissi [https://www.linkedin.com/in/nadimkobeissi] https://symbolic.software/ [https://symbolic.software/] https://cure53.de/ [https://cure53.de/]

Password Manager Security and Applied Cryptography with Matilda Backendal

Summary In this in-depth interview, cryptography researcher Matilda Backendal [https://www.linkedin.com/in/matilda-backendal/] discusses applied cryptography, end-to-end encryption vulnerabilities, password manager security flaws, and the future of cryptographic research. Gain insights into real-world security challenges and best practices for protecting digital data. Keywords cryptography, end-to-end encryption, cloud storage security, password managers, cryptographic research, privacy, zero-knowledge proofs, digital identity, homomorphic encryption Key topics Applied cryptography and real-world applications Vulnerabilities in end-to-end encryption systems Security flaws in cloud storage and password managers Cryptographic research and formal verification Future trends and challenges in cryptography    Sound bites "Crypto is all around us in daily life." "Most cloud storage isn't end-to-end encrypted by default." "User-chosen passwords are a major security factor." Links Matilda's Website - https://mbackendal.github.io/ [https://mbackendal.github.io/] Paper - Zero Knowledge (About) Encryption: A Comparative Security Analysis of Three Cloud-based Password Managers - https://eprint.iacr.org/2026/058 [https://eprint.iacr.org/2026/058]