TechRiot.io
Cloud Security Podcast
Learn Cloud Security in Public Cloud and for AI systems, the unbiased way from CyberSecurity Experts solving challenges at Cloud Scale. We are honest because we are not owned by Cloud Service Provider like AWS, Azure or Google Cloud. We aim to make the community learn Cloud Security through community stories from small - Large organisations solving multi-cloud challenges to diving into specific topics of Cloud Security. We STREAM interviews on Cloud Security Topics every week on Linkedin, YouTube and Twitter with over 150K people tuning in.
Author
TechRiot.io
Category
Podcast website
Latest episode
Jul 9, 2026
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
The Hidden Cost of BlackBox AI: Bridging Cloud and Code Security 09.07.2026 42:44
Traditional SCA and SAST tools are notorious for drowning security teams in false positives, historically flagging nine out of ten alerts incorrectly. But while generative AI seems like a magic bullet, simply wrapping an out-of-the-box LLM around your code can result in confident hallucinations and astronomical costs extrapolating to as much as $52 million a year for a large enterprise using front...
Who Governs Your AI Agents? Identity, Offboarding & Open Standards 02.07.2026 34:42
Are overprivileged AI agents the biggest emerging threat in cybersecurity? In a recent high-profile attack, a vibe-coding company had its entire source code stolen because an attacker exploited a long-lived, overprivileged token tied to a third-party AI agent. In this episode, Ashish sits down with Ely Kahn, CPO at Okta, to unpack the challenge of managing Non-Human Identities (NHI) in the AI era....
AI-Powered Forensics: How Attackers Automate Breaches 23.06.2026 39:12
AI isn't necessarily creating impossible new attacks, but it is drastically lowering the technical barrier to entry for cybercriminals. In this episode, Ashish Rajan speaks with Simon Biggs, Cyber Incident Response Specialist at Varonis, about how AI is accelerating the attack lifecycle. Simon explains how attackers are using AI kits to instantly set up ephemeral phishing portals, query SQL da...
The 4 Pillars of AI SOC:From Threat Hunting to Vibe Hunting 16.06.2026 46:56
Threat hunting has officially evolved into "vibe hunting". However, if your AI security tools lack the right semantic context, they might be doing more harm than good. In this episode, Ashish sits down with Aqsa Taylor , Chief Security Evangelist at Exaforce , to discuss the rapidly changing landscape of Security Operations Centers. Aqsa explains how her team coined the term "vibe h...
Native Cloud Firewalls Falling Short in a Multicloud World 11.06.2026 36:34
As enterprises expand across multiple cloud environments, on-premise data centers, and dynamic AI workloads, traditional perimeter defenses and siloed cloud-native tools are no longer enough to secure the modern network. In this episode, Ashish sits down with Murali Rathinasamy, Senior Director of Product at Cisco, to break down the next evolution of network security: the Hybrid Mesh Firewall. Mur...
How AI Agents Will Negotiate Your Vendor Contracts 27.05.2026 37:40
Third-Party Risk Management (TPRM) has historically been a tedious, 200-page paper exercise that felt like being catapulted back to 1979. But AI is changing that. In this episode, Ashish sits down with Igor Andriushchenko (CISO at Lovable) and Jasper Mills (CEO of Ethira) to discuss the collision of TPRM and AI. We dive into the hidden risks of Shadow AI, exploring the chaos that ensues when non-t...
How Claude Mythos Changes Vulnerability Management: From CVSS to Exploitability 05.05.2026 44:38
Is your vulnerability management program ready for something like Claude Mythos? The old days of treating vulnerabilities as temporal events (like Heartbleed or Log4J) and patching them on a leisurely 30, 60, or 90-day cycle are officially over. In this episode, Ashish sits down with Brad Hibbert, COO and Chief Strategy Officer at Brinqa. Brad explains how the release of Anthropic's Claude Myt...
AISPM Isn't Enough: How to Apply Zero Trust to AI Agents 29.04.2026 54:01
We are officially entering the "Multi-AI Era." Much like the multi-cloud times, organizations are no longer just using a single AI tool like Microsoft Copilot, they are building custom, agentic workflows using diverse third-party models and MCP servers . In this episode, Ashish sits down with Shawn Hays from Varonis to discuss why the security market has over-pivoted on AISPM (AI Securit...
The Rise of Agentic Cloud Security: Code-to-Cloud Shrinks to 3 Days 21.04.2026 26:53
Is your cloud security strategy ready for the "messy middle" of AI adoption? With developers pushing code from inception to production in under three days using "vibe coding," and adversaries capable of exfiltrating data in just 25 minutes, human-led security is no longer fast enough .In this episode, Ashish sits down with Elad Koren from Palo Alto Networks (Cortex Cloud) to di...
Why EDR Fails at AI Security & The Rise of Endpoint Behavior Modeling 14.04.2026 31:06
Is your EDR blinding you to insider threats? In this episode, Ashish is joined by Brandon Dixon (Co-Founder & CTO of Ent AI , and former Microsoft Security Copilot leader) to discuss why traditional endpoint security tools are failing in the AI era . Brandon talks about the reality of modern "Insider Risk." Attackers are no longer relying on malware; they are "living off the lan...
Solving Prompt Injection & Shadow AI for AI Malware 07.04.2026 36:36
Are AI agents functioning like adversarial malware inside your network? In this episode of the Cloud Security Podcast, Ashish sits down with Jasson Casey , Co-founder and CEO of Beyond Identity , to speak about the security risks introduced by Shadow AI and code assistants .Jasson explains why an AI agent executing a tool is the perfect opportunity for prompt injection or proprietary data exfiltra...
Browser Security Explained: Consent Phishing, "Click Fix" Attacks & The Limits of EDR 10.03.2026 46:07
Is your security team treating your Identity Provider (IDP) like a firewall? In this episode, Adam Bateman (CEO & Co-founder of Push Security ) explains why that's a dangerous mistake and how modern attackers are bypassing SSO entirely .Drawing from his background leading red teams that simulated nation-state attacks , Adam breaks down the massive architectural shift from network-based att...
Is AI Hallucinations a Myth and the Real Threat from AI 06.03.2026 40:02
Are attackers really using AI to run end-to-end cyber campaigns? In this episode, Edward Wu (Founder and CEO, DropzoneAI ) joins Ashish to separate the hype from reality when it comes to AI-driven attacks .Edward explains how attackers are currently using open-source LLMs for reconnaissance and spear-phishing , and why the major commercial models now explicitly prohibit users from generating explo...
Why AI Infrastructure is Harder to Secure Than Cloud 20.02.2026 34:03
Is AI security just "Cloud Security 2.0"? Toni De La Fuente , creator of the open-source tool Prowler , joins Ashish to explain why securing AI workloads requires a fundamentally different approach than traditional cloud infrastructure. We dive deep into the "Shared Responsibility Gap" emerging with managed AI services like AWS Bedrock and OpenAI. Toni spoke about the hidden da...
How Attackers Bypass AI Guardrails with Natural Language 10.02.2026 46:36
In the world of Generative AI, natural language has become the new executable. Attackers no longer need complex code to breach your systems, sometimes, asking for a "poem" is enough to steal your passwords . In this episode, Eduardo Garcia (Global Head of Cloud Security Architecture at Check Point ) joins Ashish to explain the paradigm shift in AI security. He shares his experience build...
Vulnerability Management vs. Exposure Management 06.02.2026 39:38
In this episode, Brad Hibbert (COO & Chief Strategy Officer at Brinqa ) joins Ashish to explain why traditional risk-based vulnerability management (RBVM) is no longer enough in a cloud-first world . We explore the evolution from simple patch management to Exposure Management a holistic approach that sits above your security tools to connect infrastructure, code, and cloud risks to actual busi...
Is Developer Friendly AI Security Possible with MCP & Shadow AI 05.02.2026 1:03:02
Is "developer-friendly" AI security actually possible? In this episode, Bryan Woolgar-O'Neil (CTO & Co-founder of Harmonic Security ) joins Ashish to dismantle the traditional "block everything" approach to security. Bryan explains why 70% of Model Context Protocol (MCP) servers are running locally on developer laptops and why trying to block them is a losing battle . I...
Why AI Can't Replace Detection Engineers: Build vs. Buy & The Future of SOC 21.01.2026 52:08
Is the AI SOC a reality, or just vendor hype? In this episode, Antoinette Stevens (Principal Security Engineer at Ramp) joins Ashish to dissect the true state of AI in detection engineering. Antoinette shares her experience building detection program from scratch, explaining why she doesn't trust AI to close alerts due to hallucinations and faulty logic . We explore the "engineering-led&q...
AI Vulnerability Management: Why You Can't Patch a Neural Network 13.01.2026 41:20
Traditional vulnerability management is simple: find the flaw, patch it, and verify the fix. But what happens when the "asset" is a neural network that has learned something ethically wrong? In this episode, Sapna Paul (Senior Manager at Dayforce) explains why there are no "Patch Tuesdays" for AI models . Sapna breaks down the three critical layers of AI vulnerability managemen...
Why Backups Aren't Enough & Identity Recovery is Key against Ransomware 16.12.2025 37:01
Think your cloud backups will save you from a ransomware attack? Think again. In this episode, Matt Castriotta (Field CTO at Rubrik ) explains why the traditional "I have backups" mindset is dangerous. He distinguishes between Disaster Recovery (business continuity for operational errors) and Cyber Resilience (recovering from a malicious attack where data and identity are untrusted) . Ma...
How to secure your AI Agents: A CISOs Journey 09.12.2025 54:52
Transitioning a mature organization from an API-first model to an AI-first model is no small feat. In this episode, Yash Kosaraju , CISO of Sendbird , shares the story of how they pivoted from a traditional chat API platform to an AI agent platform and how security had to evolve to keep up. Yash spoke about the industry's obsession with "Zero Trust," arguing instead for a practical &...
AI-First Vulnerability Management: Should CISOs Build or Buy? 04.12.2025 1:01:30
Thinking of building your own AI security tool? In this episode, Santiago Castiñeira, CTO of Maze , breaks down the realities of the "Build vs. Buy" debate for AI-first vulnerability management. While building a prototype script is easy, scaling it into a maintainable, audit-proof system is a massive undertaking requiring specialized skills often missing in security teams. The "RAG...
SIEM vs. Data Lake: Why We Ditched Traditional Logging? 02.12.2025 46:53
In this episode, Cliff Crosland , CEO & co-founder of Scanner.dev , shares his candid journey of trying (and initially failing) to build an in-house security data lake to replace an expensive traditional SIEM. Cliff explains the economic breaking point where scaling a SIEM became "more expensive than the entire budget for the engineering team". He details the technical challenges of...
How to Build Trust in an AI SOC for Regulated Environments 18.11.2025 42:15
How do you establish trust in an AI SOC, especially in a regulated environment? Grant Oviatt , Head of SOC at P rophet Security and a former SOC leader at Mandiant and Red Canary, tackles this head-on as a self-proclaimed "AI skeptic". Grant shared that after 15 years of being "scared to death" by high-false-positive AI, modern LLMs have changed the game . The key to trust lies...
Threat Modeling the AI Agent: Architecture, Threats & Monitoring 11.11.2025 47:20
Are we underestimating how the agentic world is impacting cybersecurity? We spoke to Mohan Kumar, who did production security at Box for a deep dive into the threats of true autonomous AI agents. The conversation moves beyond simple LLM applications (like chatbots) to the new world of dynamic, goal-driven agents that can take autonomous actions. Mohan took us through why this shift introduces a ne...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.