Cybersecurity circus hits Las Vegas | Black Hat + DEFCON madness! – BH25 #1
From wild parties to deep convos on AI, identity, and booth size debates—this video captures the chaotic genius of hacker summer camp in Vegas. Doug and Jackie unpack what’s happening at Black Hat, the evolution of security culture, and why everyone from CEOs to Chromebook-wielding teens are here.
Expect hot takes, dry humor, and real talk on cybersecurity careers, AI hype, and whether Python really beats C++
CyberRiskTV brings you insider moments from the floor—no filter, no fluff.
More madness coming all week!
- - – Welcome to Black Hat & Hacker Summer Camp
- - – Vegas Chaos: B-Sides, DEFCON & Alley Vomiting
- - – Gambling Culture & Fortnite Comparisons
- - – Reuniting with Friends & Selective Extroverts
- - – Narcissism, Sobriety & Herding Drunk Cats
- - – Secret Food Spots & Surreal Vegas Memories
- - – The AI Hype Cycle & Security’s Burden
- - – Booth Sizes, Budgets & Vendor Sentiment
- - – Cybersecurity Career Concerns & Education Gaps
- - – Python vs C++ & Adapting to Industry Needs
Digital Exposure and Modern Kill Chain: Protecting People in Weaponized Data Economy – Chuck Randolph – BH25 #1
LIVE from Black Hat 2025 in Las Vegas! Jackie McGuire sits down with Chuck Randolph, SVP of Strategic Intelligence & Security at 360 Privacy, for a gripping conversation about the evolution of executive protection in the digital age. With over 30 years of experience, Chuck shares how targeted violence has shifted from physical threats to online ideation—and why it now starts with a click.
From PII abuse to unregulated data brokers, generative AI manipulation, and real-world convergence of cyber and physical risks—this is a must-watch for CISOs, CSOs, CEOs, and anyone navigating modern threat landscapes. Hear real-world examples, including shocking stories of doxxing, AI-fueled radicalization, and the hidden dangers of digital exhaust.
Whether you're in cyber, physical security, or executive leadership, this interview lays out the urgent need for converged risk strategies, narrative control, and a new approach to duty of care in a remote-first world.
Learn what every security leader needs to do now to protect key personnel, prevent exploitation, and build a unified, proactive risk posture.
This segment is sponsored by 360 Privacy. Learn how to integrate privacy and protective intelligence to get ahead of the next threat vector at https://securityweekly.com/360privacybh!
- - – Welcome to Black Hat 2025: Executive Protection in Focus
- - – Why Executive Protection Has Evolved
- - – The Digital Kill Chain: From Ideation to Action
- - – Real-World Doxxing and Online Targeting
- - – The Impact of Social Media Algorithms on Threat Behavior
- - – AI Gone Rogue: When Chatbots Reinforce Violent Ideation
- - – Merging Cyber and Physical Security at the Board Level
- - – Insider Risk & Key Person Vulnerability
- - – The Remote Work Dilemma: Security at the Edge
- - – What Leaders Can Do Now: Strategic Risk Recommendations
Charles “Chuck” Randolph is Senior Vice President for Strategic Intelligence and Security at 360 Privacy, bringing over 30 years of expertise in corporate, intelligence, and military operations. In the private sector, Chuck previously served in executive roles at Microsoft, Ontic, and AT-RISK International, spearheading global risk management, executive protection, and intelligence strategies. He specializes in converging cyber and physical security to enhance organizational resilience.
The 2025 Mid-Year Threat Landscape and the Shifting Battlefield with CyberProof – Yuval Wollman – BH25 #1
Cyberproof takes center stage at Black Hat 2025, as Yuval Wollman, President of CyberProof, joins host Doug White live from the Cyber Risk TV studio in Las Vegas. In this eye-opening interview, Yuval unpacks how AI agents are not only expanding the attack surface—but reshaping the entire cyber threat landscape.
Discover how ransomware-as-a-service platforms like Funksec and Dragonforce are operating with enterprise-level precision. Learn about the role of agentic AI, geopolitical cyber warfare, and why today's hackers offer better customer support than airlines. This isn’t your typical cyber chat—this is a deep dive into the new economy of cybercrime, now ranked as the third-largest economy in the world.
Whether you're a CISO, security pro, or just trying to keep your business secure, this is a must-watch conversation on how exposure management and real-time threat detection are essential in defending against nation-state attacks and AI-driven breaches.
This segment is sponsored by CyberProof. Visit https://securityweekly.com/cyberproofbh to learn more about them! Watch all Black Hat 2025 coverage: Securityweekly.com/Blackhat
- - Welcome to Black Hat 2025
- - What Is CyberProof?
- - The Modern Cybersecurity Challenge
- - AI Agents: A New Attack Surface
- - Hackers vs. AI Agents: Who Wins?
- - Ransomware-as-a-Service & Funksec
- - The Cybercrime Economy
- - Targeted Attacks on Industries
- - Cyber Warfare & Nation-State Spillover
- - How to Prepare for the Future of Cyber Risk
Yuval Wollman is a former intelligence chief who brings a wealth of experience across public and private sectors to bear in his role as President of CyberProof. He also leads UST Spark, a startups’ innovation hub accelerating customers’ digital transformations. Yuval is accustomed to reading between the lines, always looking out for the small detail that could lead to a big strategic shift. Prior to CyberProof, Yuval served as Vice President for business development at IDB Group, one of Israel’s largest conglomerates. He previously spent a decade working in the Israeli public sector, ending his role as Director General of Intelligence Ministry.
During his military service, Yuval served as an officer in the Israeli Defense Forces 8200 unit. He worked as a government official in the Israeli Finance Ministry and became the senior economic adviser to the Finance Minister and Chief of Staff. Yuval is a lawyer who clerked in the Israeli Supreme court, drafting decisions in both constitutional and corporate law. He holds a Masters and Bachelors in Economics and Bachelors in Law from the Hebrew University.
Hard Truths About AI in Cybersecurity Reveal Truly Hardened Defenses – Chris Boehm – BH25 #1
Live from Black Hat 2025 in Las Vegas, Jackie McGuire sits down with Chris Boehm, Field CTO at Zero Networks, for a high-impact conversation on microsegmentation, shadow IT, and why AI still struggles to stop lateral movement. With 15+ years of cybersecurity experience—from Microsoft to SentinelOne—Chris breaks down complex concepts like you're a precocious 8th grader (his words!) and shares real talk on why AI alone won’t save your infrastructure. Learn how Zero Networks is finally making microsegmentation frictionless, how summarization is the current AI win, and what red flags to look for when evaluating AI-infused security tools. If you're a CISO, dev, or just trying to stay ahead of cloud threats—this one's for you.
Want AI that actually works with your security stack? Watch now and get real answers.
This segment is sponsored by Zero Networks. Visit https://securityweekly.com/zerobh to learn more about them!
- - Intro from Black Hat 2025: Meet Chris Bain
- - The Name Game: Pronunciation Struggles
- - Chris Boehm's Career Journey in Cybersecurity
- - Microsegmentation Explained Like You’re in 5th Grade
- - Why Microsegmentation Matters in the Cloud & AI Era
- - Shadow IT and Security Risks in Cloud Environments
- - Why AI Struggles to Stop Lateral Movement
- - Where AI Is Actually Helping in Cybersecurity
- - Finding the Balance: AI Agents vs. Microsegmentation
- - How to Evaluate Real vs. Hype in AI Security Tools
Chris Boehm is the Field Chief Technology Officer (CTO) at Zero Networks. He has 15+ years of experience in cybersecurity, spanning public sector IT, cloud engineering, and executive leadership. Chris started in State and Local Government before leading hybrid infrastructure and security programs, then spent 7 years at Microsoft across Defender, Azure, and M365, delivering threat detection, identity, and compliance solutions globally. At SentinelOne, he served as Field CISO through its IPO, advising Fortune 500s on threat-informed defense, risk, and strategy. Now at Zero Networks, he helps organizations implement real zero trust and segmentation – tied to tactics, techniques and procedures, not theory – bringing hands-on credibility and an operator’s lens to modern security architecture.
AI-Based Web Attack Testing – Tom Pore – BH25 #1
In this exclusive Black Hat 2025 interview, CyberRisk TV host Matt Alderman sits down with Tom Pore, AVP of Sales Engineering at Pentera, to dive into the rapidly evolving world of AI-driven cyberattacks.
What’s happening? Attackers are already using AI and LLMs to launch thousands of attacks per second—targeting modern web apps, exploiting PII, and bypassing traditional testing methods. Tom explains how automated AI payload generation, context-aware red teaming, and language/system-aware attack modeling are reshaping the security landscape.
The twist? Pentera flips the script by empowering security teams to think like an attacker—using continuous, AI-powered penetration testing to uncover hidden risks before threat actors do. This includes finding hardcoded credentials, leveraging leaked identities, and pivoting across systems just like real adversaries.
Key Topics Covered: AI-based web app testing Real-time threat simulation PII detection using NLP Automated credential extraction Vibe red teaming and AI coding Security strategy for CISOs in the age of GenAI
To learn more about Pentera's proactive Ransomware testing please visit: https://securityweekly.com/penterabh
- - Intro from Black Hat 2025
- - How Attackers Are Using AI Today
- - The Shift to Continuous Application Testing
- - Pentera’s New AI-Driven Web Attack Capability
- - Using LLMs & NLP for Context-Aware Attacks
- - Identifying and Pivoting on Sensitive Data
- - Credential Extraction & Recursive Testing
- - Language, Culture, and System-Aware Payloads
- - Solving Authentication Challenges in Testing
- - The Future of AI in Red vs Blue Teaming
Thomas Pore is the AVP of Sales Engineering at Pentera, where he helps organizations close real-world security gaps through automated validation and offensive expertise. With over 20 years in network security, his background spans NDR, encrypted traffic analysis, ethical hacking, and hands-on incident response. His insights come from the front lines—uncovering how attackers succeed and helping defenders take back control.
Discuss Semperis’ 2025 Global Ransomware Report – Mickey Bresman – BH25 #1
LIVE from Black Hat 2025 at Mandalay Bay, Las Vegas — CyberRisk TV brings you a powerful conversation between Doug White and Mickey Bresman, CEO of Semperis, diving deep into the evolution of ransomware and the alarming rise of cyber extortion tactics.
From the early days of encryption-only attacks to today's ransomware-as-a-service (RaaS) operations and hybrid threats blending digital and physical intimidation, this interview unpacks the growing sophistication of organized cybercrime.
Mickey shares firsthand insights from Semperis’ recent ransomware report, including a chilling real-world example where a photo of a child was used to threaten an IT professional — illustrating how far threat actors are willing to go.
Key topics covered: How ransomware evolved into an industrialized criminal enterprise Why paying the ransom often doesn’t guarantee safety The vital importance of incident response planning, disaster recovery testing, and cyber insurance What businesses must do now to survive modern cyber threats
If you’ve ever said “We’ll call Steve if something goes wrong,” this video is your wake-up call.
Stay prepared. Stay protected. And if you don’t have a tested response plan… it’s already too late.
This segment is sponsored by Semperis. Visit https://securityweekly.com/semperisbh to download the 2025 Global Ransomware Report!
- - Live from Black Hat 2025 Intro
- - Meet Mickey Bresman, CEO of Semperis
- - The Evolution of Ransomware
- - From Encryption to Data Theft and Extortion
- - Organized Crime Enters Cybersecurity
- - Real-World Threats: Blending Digital and Physical
- - Should You Ever Pay the Ransom?
- - The Importance of Disaster Recovery Planning
- - Common Mistakes in Incident Response
- - Final Advice & Cybersecurity Takeaways
Mickey Bresman is CEO and co-founder of Semperis, the identity-driven cyber resilience and crisis response company.
Beginning his technical career in the Navy, Mickey’s comfort zone is on the front lines helping organizations thwart and respond to cyberattacks. The long-time cybersecurity expert and entrepreneur has an extensive track record of driving revenue growth and scaling organizations across the globe. Prior to founding Semperis, Mickey held the position of CTO at YouCC Technologies, a Microsoft Gold Partner integration company. As a cybersecurity thought leader, Mickey has been quoted or featured in many major publications, including Forbes, Fortune, Wall Street Journal and others.
Semperis recently surpassed $150M in annual recurring revenue, a milestone that fewer than one in every 1,000 venture-backed enterprise software companies achieves. The company was recently recognized by Cohesity as its 2025 Security Partner of the Year, one of Dun’s 100 Best HighTech Companies, recognized by Inc. Magazine as one of its Best Workplaces for four consecutive years and has been named to Deloitte’s Technology’s Fast 500 for the sixth consecutive years.
The Software Supply Chain and Cybersecurity – Theresa Lanowitz – BH25 #1
Live from BlackHat 2025 in blazing-hot Las Vegas, Doug White sits down with Theresa Lanowitz, Chief Evangelist at LevelBlue, for a powerful and timely conversation about one of cybersecurity’s most pressing threats: the software supply chain.
In this exclusive interview, Theresa shares fresh insights from LevelBlue’s global research involving 1,500 cybersecurity professionals across 16 countries. Together, they unpack the real-world risks of software acquisition in the API economy, the explosive growth of AI-generated code, and the rise of “vibe coding”—and how these trends are silently expanding the attack surface for organizations everywhere.
What is the software supply chain? Why are empty packages flooding open-source repositories? What’s the real cost of depending on ChatGPT to write your code? Why visibility into your supply chain directly correlates with breach prevention?
This episode is a must-watch for developers, CISOs, and anyone building or securing modern software. Learn how to protect your organization with supply chain visibility, strong S-BOM practices, and a return to solid software engineering fundamentals.
Visit https://securityweekly.com/levelbluebh to download the Data Accelerator: Software Supply Chain and Cybersecurity as well as all of LevelBlue's research.
- - Live from BlackHat 2025 in Las Vegas
- - What is the software supply chain?
- - Doug’s early fears and real-world coding experiences
- - 3 drivers of the software supply chain crisis
- - The rise of AI-generated code and dependency overload
- - Human oversight vs. AI: The risks of unchecked modules
- - Why visibility matters: Supply chain breaches by the numbers
- - Understanding the importance of a Software Bill of Materials (S-BOM)
- - Vibe coding: A growing threat to secure development
- - The return of QA and software engineering fundamentals
- - Final advice: How to secure your software supply chain
Theresa Lanowitz is a globally recognized cybersecurity leader, former Gartner analyst, and former Chief Cybersecurity Evangelist with AT&T Cybersecurity and LevelBlue.
She is the creator of Executive-led Growth, a strategy that emphasizes the importance of business understanding in the cybersecurity market.
With a distinguished career in the technology industry, Theresa has held influential roles at companies including Gartner, Borland, Taligent, and Sun Microsystems, significantly impacting application security and emerging technologies.
Theresa is a globally respected leader known for her deep and diverse experience in cybersecurity. She frequently speaks at major industry conferences, including RSA and Black Hat sharing her insights on market trends, AI integration, and the evolving threat landscape. She’s been published in Forbes, Dark Reading, SC Media, ISMG, InformationWeek, and more, with her contributions reflecting a deep commitment to advancing cybersecurity practices and fostering innovation within the industry.
Theresa holds a Bachelor of Science in Computer Science from the University of Pittsburgh, Pittsburgh, PA.
Software’s Agentic Future Is Coming. How CISOs Can Prepare Today – Josh Lemos – BH25 #1
Is Your AI Usage a Ticking Time Bomb? In this exclusive Black Hat 2025 interview, Matt Alderman sits down with GitLab CISO Josh Lemos to unpack one of the most pressing questions in tech today: Are executives blindly racing into AI adoption without understanding the risks?
Filmed live at the CyberRisk TV Studio in Las Vegas, this eye-opening conversation dives deep into:
How AI is being rapidly adopted across enterprises — with or without security buy-in
Why AI governance is no longer optional — and how to actually implement it
The truth about agentic AI, automation, and building trust in non-human identities
The role of frameworks like ISO 42001 in building AI transparency and assurance
Real-world examples of how teams are using LLMs in development, documentation & compliance
Whether you're a CISO, developer, or business exec — this discussion will reshape how you think about AI governance, security, and adoption strategy in your org.
Don’t wait until it’s too late to understand the risks.
Segment Resources: The Economics of Software Innovation: $750B+ Opportunity at a Crossroads Report: http://about.gitlab.com/software-innovation-report/
For more information about GitLab and their report, please visit: https://securityweekly.com/gitlabbh
- - Intro: Live from Black Hat 2025
- - How Executives Are Approaching AI Adoption
- - AI Usage in the Enterprise: The 3 Key Patterns
- - Real-World AI Test with ChatGPT
- - The First Step in AI Governance: Visibility
- - Role of Certifications like ISO 42001 in AI Transparency
- - Securing Agentic AI: From Code to Guardrails
- - Agentic AI & Productivity Gains in Development
- - East-West Expansion of Agent Workflows
- - Trust, Audit Trails, and Monitoring Non-Human Identities
Josh Lemos is the Chief Information Security Officer at GitLab Inc., where he brings 20 years of experience leading information security teams to his role. Josh has led security teams at numerous high-growth technology companies, including ServiceNow, Cylance, and, most recently, Block (formerly known as Square). Josh’s commitment to securing technologies to make a positive impact in the world has been a common thread throughout his career. He serves as a mentor to aspiring information security professionals and is active in supporting organizations that promote diversity and inclusion in the technology industry. Josh holds a B.S. in Computer and Information Systems Security from the University of San Francisco.
AI Security Chaos at Black Hat 2025: Can We Even Keep Up? – BH25 #1
Day 1 of Black Hat 2025 is in the books, and the conversations are hotter than ever. AI dominated the discussions—agentic AI, trust, model inconsistencies, and the race between defenders and attackers. In this session, the hosts reflect on how AI is reshaping cybersecurity, the challenges of identity management, the rise of ransomware, and why zero trust still feels out of reach. With real stories from GitLab, LevelBlue, and more, they unpack the evolution of AI in both offense and defense. Is the cybersecurity industry prepared? Or are we permanently playing catch-up? Get the full unfiltered take from the suite—complete with cigar flashbacks, wild 2019 stories, and insights into how companies are adapting to a rapidly changing threat landscape.
Find all the BlackHat 2025 coverage at https://securityweekly.com/blackhat
- - Welcome to Black Hat 2025 Day 1 Recap
- - Throwback to 2019: Cigars, Chaos & 28 Interviews
- - AI Takes Over the Conversation
- - Businesses Are Using AI—Ready or Not
- - Securing AI: Trust, Tools & Agentic Challenges
- - The Inconsistency Problem with LLMs
- - Comparing AI Models: Claude, Gemini, OpenAI
- - Ransomware: Why Haven’t We Solved It Yet?
- - Can Zero Trust Ever Be Absolute?
- - The Future: Agentic AI Arms Race
