VIA
VIA Knowledge Hub Podcast
Discussions, playbooks, and tech resources for teams building software for the DoD and other highly regulated industries, so you can ship fast, stay secure, and be compliant. www.viaknowledgehub.com
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
The One Thing Devs Can’t Outsource to AI with Tanya Janca 10.06.2026 37:15
Security has never been a solved problem, but the 2025 OWASP Top 10 makes one thing clear: the rules have shifted again. AI is writing code at scale; developers are vibe-coding to production; and the data that trained those models came from an internet where security was largely optional. The result is a new generation of software that looks like it works, until it doesn’t. Tanya Janca, Secure Cod...
Financial Exclusion Is a Security Risk and Blockchain Confusion Is Making It Worse with Candace Kelly 27.05.2026 41:14
Most people think blockchain means Bitcoin. That misunderstanding has real consequences for regulators, developers building on it, and for the 1.3 billion people worldwide who still don’t have a bank account. Candace Kelly spent nearly two decades as a federal prosecutor at the DOJ and FBI before becoming Chief Legal Officer at the Stellar Development Foundation. In this episode, she breaks down h...
In the end, it's all risk. An AppSec leader's guide to enterprise AI with Joshua Bregler 07.04.2026 31:45
What would you do if your AI agent deleted your production database because it decided that was the logical thing to do? That's not a hypothetical. It happened. And according to Joshua Bregler, it happened because someone gave an AI agent the same admin privileges they'd never hand to a new hire. Joshua is an application security leader at McKinsey, working at the intersection of AppSec, AI adopti...
The Four Ps every developer needs to know before their next product decision with Eve Maler 18.03.2026 37:29
Most teams treat identity like plumbing: invisible, unglamorous, and someone else’s problem… until something breaks. Eve Maler has spent thirty years proving that’s the wrong mental model, and it’s costing companies more than they realize. As the co-creator of SAML and User-Managed Access, former CTO of ForgeRock, and author of the forthcoming Mastering Digital Identity: From Risk to Revenue, Eve...
How to break into DevSecOps (without expensive bootcamps) with Damien Burks 26.02.2026 39:02
DevSecOps is everywhere right now, but most teams are still treating it like a tooling problem. Damien Burks says it's actually a culture problem. He's a DevSecOps expert and the founder of the DevSec Blueprint, a free, open-source learning guide with a 650+ member community. His mission: help people break into DevSecOps by focusing on foundations and systems thinking, not expensive bootcamps. In...
The one security practice most teams skip: tabletop exercises with Jeff Fields 12.02.2026 42:11
Most security teams aren’t underprepared because they lack tools, they’re underprepared because they haven’t rehearsed what happens when humans, systems, and pressure collide. Jeff Fields says that the single most important thing teams can do is run tabletop exercises. Fresh off a 20-year FBI career, Jeff explains why the most damaging incidents aren’t caused by “unknown threats,” but by breakdown...
Decentralized identity in the age of AI agents with Kaliya Young 08.01.2026 31:44
What does decentralized identity really mean, and why is it becoming essential in a world of AI, deepfakes, and digital fraud? In this episode, we sit down with Kaliya Young . Kaliya is widely known as the “Identity Woman” and is one of the earliest pioneers of decentralized and self-sovereign identity. With over 20 years in the field, Kaliya breaks down complex concepts like decentralized identif...
You can’t just unplug it: The reality of space resilience 17.12.2025 28:44
Space is where we have the opportunity to invent life-saving drugs, track natural disasters and national security threats, and connect the globe. But as we rely more on these assets, the threats from orbital debris and cyberattacks are mounting. The problem? You can’t just walk up to a satellite, unplug it, and plug it back in. Major General Kim Crider (ret.) , Founding Partner at Elara Nova, form...
The AI agent access problem 03.12.2025 35:45
AI agents aren’t magic coworkers. They’re powerful, error-prone systems that can be hijacked, over-permissioned, and “social-engineered” just like humans. Chris Hughes , CEO of Aquia, Resilient Cyber podcast host, author of Securing AI Agents , and United States Air Force veteran, dives into why identity and access are brutally hard in an agentic AI world. He also explains how incentives, complian...
Making Zero Trust work for teams who actually ship code 13.11.2025 48:02
George Finney, CISO at The University of Texas System and author of Project Zero Trust , asserts Zero Trust isn’t just a strategy, it’s the “ only strategy when it comes to cybersecurity.” Like all good researchers, we went straight to Reddit to see what people were really saying about Zero Trust. Turns out, a lot of teams were over it. They were tired of gatekeepers who slowed everyone down. Sure...
Devs, your favorite metrics are holding you back 30.10.2025 37:54
“You can’t measure that” is just business-speak for “we’re guessing and hoping nobody notices.” Doug Hubbard notices. And then he brings math. The kind that turns million-dollar guesswork into real decisions, and lets software teams prove they delivered value, not just code. And security? Also measurable. Start with defining what security means for your product (most teams miss this step!). Then g...
Top three mobile security fails (and how to fix them) 15.10.2025 34:26
Think Apple and Google are doing deep security reviews of your app? Think again. While the App Store and Google Play scan for known malware, they completely miss big security gaps like API misconfigurations and vulnerabilities in third-party tools. Mobile app security expert Andrew Hoog breaks down the top “gotcha” moments for mobile developers and the quick, actionable steps your team can take to...
A tale of two ATOs 30.09.2025 28:39
Getting an Authorization to Operate (ATO) can be a slow and expensive hurdle for developers trying to deploy software for the government. In this episode, Dave Raley , Digital Program Manager at Marine Corps Community Services (MCCS), explains how he’s revolutionizing this process with Operation StormBreaker . Instead of a months-long process, StormBreaker provides a pre-authorized DevSecOps platf...
DoD tech: speed, security, and strategic partnerships 12.09.2025 45:50
Want to build software for the DoD? You won’t get better guidance than from Michael Frank , Deputy CTO, Department of the Navy, who works with entrepreneurs, non-traditional DoD contractors, and private capital to connect mission needs with commercial solutions. Mike says the best partners are adaptable and communicate relentlessly. While they might push back on “bespoke everything,” they still re...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.