AI Broke the Security Ecosystem w/ Chris Hughes

AI Broke the Security Ecosystem w/ Chris Hughes

In this episode of The Secure Disclosure, host sits down with Chris Hughes founder of Resilient Cyber, CISA Cyber Innovation Fellow, and a leading voice in cybersecurity. We dive deep into the chaotic and rapidly shifting landscape of software supply chain security, the sudden operational struggles of the National Vulnerability Database (NVD), and how AI is completely rewriting the rules of vulnerability management. From the technical and social engineering risks plaguing open-source software to the "human-in-the-loop" delusion, Chris shares his honest, unfiltered takes on where the industry is heading and why things will likely get worse before they get better. The episode wraps up with a chaotic round of "Would You Rather," forcing Chris to choose between missing firewalls, permanent vulnerability freezes, and total AI "vibe coding."

PostHog is placing a wild bet on AI Coding w/ James Hawkins

In this episode of Secure Disclosure, James Hawkins, the co-founder and co-CEO of PostHog, dives into the "radical transparency" that turned a pivoted startup into a billion-dollar open-source powerhouse. James shares his unfiltered thoughts on why most B2B software pricing is a scam, why "collaboration" is often just a form of procrastination, and how AI is fundamentally changing the role of the engineer from a code-writer to a product-architect.The conversation gets spicy as they discuss the security risks of open-source software in the age of AI, the controversy surrounding "vibe coding," and PostHog’s ambitious bet on a future where you might code via Slack, or even a phone call.

AI Panic is Driving Shadow IT w/ Noora Ahmed-Moshe

In this episode, we sit down with tech veteran and behavioral science enthusiast Noora Ahmed-Moshe to tackle the growing phenomenon of Shadow AI. As employees scramble to stay relevant in an AI-driven world, many are turning to unsanctioned tools, and bringing sensitive company data with them. Noora explains why "banning" these tools is a losing game and how organizations can bridge the gap between security and productivity. We dive into the "human layer" of cybersecurity, the million-dollar risk of AI note-takers, and how fostering psychological safety is the ultimate defense against the next big breach.

When AI Agents Change their Intent w/ Frank Vukovits

AI agents are transforming cybersecurity, from how access is granted to how attacks unfold. Frank Vukovitz (Delinea) joins Secure Disclosure to unpack the rise of non-human identities, the risks of autonomous agents, and why concepts like least privilege, identity lifecycle management, and continuous monitoring are more critical than ever. The big question: will AI ultimately make us more secure, or less?

OWASP Top 10, Vibe Coding, and What Developers Miss w/ Tanya Janca

Tanya Janca joins the podcast for a sharp, no-nonsense conversation on the OWASP Top 10, why secure coding still gets skipped, and how AI is reshaping the way developers build and review software. She breaks down why broken access control keeps topping the charts, what security teams keep getting wrong, and how to create guardrails developers will actually use. The episode also dives into vibe coding, supply chain risk, and the future of secure software training. It’s fast, practical, and packed with opinions worth stealing.