Inside Black Hat Las Vegas 2025: Vendor Chaos, Secret Shortcuts & DEF CON Madness! – BH25 #3
From sizzling 97° heat to the electric energy of Black Hat Las Vegas 2025, Matt Alderman and Doug White take viewers on a behind-the-scenes tour of one of cybersecurity’s biggest weeks. Between packed vendor floors, secret Vegas shortcuts, wild private parties, and the looming DEF CON chaos, they share the untold stories only insiders know. From B-Sides to Hakasan, it’s a non-stop ride through the ultimate hacker playground. Whether it’s testing Black Hat’s new podcast pods, navigating Mandalay Bay like a pro, or chasing down elusive co-hosts (Schrödinger’s Jeff, anyone?), this is your VIP pass to the heart of the action. Stay tuned for exclusive interviews, insider tips, and a glimpse at the cybersecurity community like never before.
Access all the BlackHat 2025 Coverage here: https://securityweekly.com/blackhat
- - – Kicking Off Black Hat Las Vegas 2025 in 97° Heat
- - – Vendor Floor Mayhem & Exclusive Private Events
- - – Mapping the Vegas Strip: Secret Hotel Shortcuts
- - – The Ultimate Mandalay Bay to Cosmo Navigation Guide
- - – Party Bus Stories & Filming on the Move
- - – Testing Black Hat’s New Podcast Pods
- - – Exploring Massive Booths & Hunting the Best Swag
- - – Museum Tangents: Mona Lisa, Dali & Art Surprises
- - – Cosmopolitan Nightlife & Pentera’s Hakkasan Party
- - – Wrapping BlackHat & Looking Ahead to DEFCON
Securing What Runs: The New CISO Priority – Danny Jenkins – BH25 #3
From the buzzing floors of BlackHat 2025 in Las Vegas, CyberRisk TV brings you an exclusive sit-down with Danny Jenkins, CEO & Co-Founder of ThreatLocker. In this high-energy interview, host Doug White dives deep into the real-world challenges of FedRAMP compliance, the million-dollar prep lessons, and the critical importance of secure configurations.
Danny shares unfiltered insights into Defense Against Misconfigurations — ThreatLocker’s new approach that helps organizations lock down endpoints, enforce application control, and spot hidden risks before attackers do. From Russian-made 7Zip to Chinese coupon clippers lurking in browsers, the conversation reveals shocking examples of threats hiding in plain sight.
Whether you’re a cybersecurity pro, IT leader, or compliance specialist, this interview offers a rare, behind-the-scenes look at the pain, process, and payoff of operating at the highest security standards in the industry.
Watch to learn: What FedRAMP really means (and why it’s so expensive) How auditors can make or break your compliance process Why DAC is changing how companies approach endpoint security Real stories from the frontlines of threat detection
Recorded live at Black Hat USA 2025 — Mandalay Bay, Las Vegas
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerbh to learn more about them!
- - – Live from BlackHat 2025 in Las Vegas
- - – Meeting ThreatLocker CEO Danny Jenkins
- - – FedRAMP: What It Is and Why It Matters
- - – The Pain and Price of FedRAMP Audits
- - – Auditor Challenges and Compliance Confusion
- - – How ThreatLocker Approaches Zero Trust Security
- - – Launching Defense Against Misconfigurations (DAC)
- - – Shocking Software Risks: 7Zip, Coupon Clippers & More
- - – Application-Level Security Policies Explained
- - – Final Thoughts from BlackHat 2025
Danny Jenkins is the CEO and Co-Founder of ThreatLocker, a cybersecurity company specializing in Zero Trust endpoint protection solutions. With over two decades of experience in building and securing corporate networks, including red and blue team operations, Jenkins is a recognized authority in the cybersecurity industry. He is dedicated to advancing cybersecurity awareness and frequently speaks on topics such as ransomware and the Zero Trust approach. Jenkins began his cybersecurity career in 1997 as an ethical hacker. His early career experiences reinforced the importance of proactive, robust cybersecurity measures.
How the Enterprise Browser Neutralizes the Risks of Compromised Credentials – Michael Leland – BH25 #3
At BlackHat 2025 in Las Vegas, Matt Alderman sits down with Michael Leland, VP Field CTO at Island, to tackle one of cybersecurity’s most urgent realities: compromised credentials aren’t a possibility — they’re a guarantee. From deepfakes to phishing and malicious browser plug-ins, attackers aren’t “breaking in” anymore… they’re logging in.
Michael reveals how organizations can protect stolen credentials from being used, why the browser is now the second weakest link in enterprise security, and how Island’s enterprise browser can enforce multi-factor authentication at critical moments, block unsanctioned logins in real time, and control risky extensions with live risk scoring of 230,000+ Chrome plug-ins.
Key takeaways: Why credential compromise is inevitable — and how to stop credential use How presentation layer DLP prevents data leaks inside and outside apps Real-time blocking of phishing logins and unsanctioned SaaS access Plug-in risk scoring, version pinning, and selective extension control Enabling BYOD securely — even after a catastrophic laptop loss Why many users never go back to Chrome, Edge, or Safari after switching
Filmed at Mandalay Bay, Las Vegas, this conversation goes beyond awareness training and into practical, policy-driven defense that works in today’s AI-enhanced threat landscape.
Segment Resources: https://www.island.io/blog/how-the-enterprise-browser-neutralizes-the-risks-of-compromised-credentials
This segment is sponsored by Island. Visit https://securityweekly.com/islandbh to learn more about them!
- - Live from BlackHat 2025, Las Vegas
- - Meet Michael Leland, VP Field CTO at Island
- - The harsh truth: credential compromise is inevitable
- - From “breaking in” to “logging in” — attacker shift explained
- - MFA strategies that actually work in the real world
- - Phishing, smishing, and deepfake scams — trust is broken
- - Why the browser is the second weakest link in security
- - Real-time blocking of unsanctioned logins and credential misuse
- - Managing risky browser extensions with live risk scoring
- - BYOD done right — secure work on any device
- - Final takeaways and where to learn more about Island
Michael is Field CTO at Island, bringing over 30 years of data networking, operations, and cybersecurity domain expertise. He formerly served as Head of Technical Marketing and Chief Cybersecurity Evangelist at SentinelOne where he was responsible for messaging and strategic development of their XDR product roadmap as well as the identity security portfolio. Prior to SentinelOne, he held the title of Chief Technical Strategist for McAfee. Michael was the co-founder and CTO of NitroSecurity – later acquired by McAfee – where he was responsible for developing and implementing their overall SIEM technology vision and roadmap and has held senior technical management positions at Cabletron and Avaya.
Fix What Matters With Adversarial Exposure Validation (AEV) – Seemant Sehgal – BH25 #3
Live from BlackHat 2025 in Las Vegas, cybersecurity host Jackie McGuire sits down with Seemant Sehgal, founder of BreachLock, to unpack one of the most pressing challenges facing SOC teams today: alert fatigue—and its even more dangerous cousin, vulnerability fatigue.
In this must-watch conversation, Seemant reveals how his groundbreaking approach, Adversarial Exposure Validation (AEV), flips the script on traditional defense-heavy security strategies. Instead of drowning in 10,000+ “critical” alerts, AEV pinpoints what actually matters—using Generative AI to map realistic attack paths, visualize kill chains, and identify the exact vulnerabilities that put an organization’s crown jewels at risk.
From his days leading cybersecurity at a major global bank to pioneering near real-time CVE validation, Seemant shares insights on scaling offensive security, improving executive buy-in, and balancing automation with human expertise. Whether you’re a CISO, SOC analyst, red teamer, or security enthusiast, this interview delivers actionable strategies to fight fatigue, prioritize risks, and protect high-value assets.
Key topics covered: The truth about alert fatigue & why it’s crippling SOC efficiency How AI-driven offensive security changes the game Visualizing kill chains to drive faster remediation Why fixing “what matters” beats fixing “everything” The future of AI trust, transparency, and control in cybersecurity
Watch now to discover how BreachLock is redefining offensive security for the AI era.
Segment Resources: https://www.breachlock.com/products/adversarial-exposure-validation/
This segment is sponsored by Breachlock. Visit https://securityweekly.com/breachlockbh to learn more about them!
- - Live from BlackHat 2025 in Las Vegas
- - Introducing Seemant Sehgal, Founder of BreachLock
- - The SOC’s Silent Killer: Alert Fatigue Explained
- - From Banking Cybersecurity to Offensive Security Innovation
- - Adversarial Exposure Validation: How It Works
- - Visualizing Kill Chains to Prioritize Real Risks
- - Executive Buy-In: Turning Cyber Risk into Business Risk
- - Automation vs Human Expertise in Offensive Security
- - Who BreachLock Helps: From Fortune 500 to Critical Infrastructure
- - AI Transparency, Control, and the Future of Cybersecurity
Seemant Sehgal founded BreachLock with two things: 20+ years of experience in the cybersecurity industry and a dream to create a solution that would make proactive security the new standard.
As the former Head of Cybersecurity at ING Bank, who held a multi-million-dollar cybersecurity budget, he dealt with the pain of traditional pentesting approaches falling short of what modern businesses today need for a strong security posture. A go-getter by nature, Seemant was motivated to solve these challenges, and went on to create the world’s first full-stack, human-led, AI-powered Penetration Testing as a Service (PTaaS) solution with a strong company culture that has helped BreachLock gain momentum and scale rapidly.
Today, BreachLock is a global leader in offensive security, offering attack surface management, penetration testing, red teaming, and adversarial exposure validation (AEV) services within one unified platform.
Agentic AI driven Cyber Threat Intelligence: Building on a strong foundation – Jawahar “Jawa” Sivasankaran – BH25 #3
From the heart of BlackHat 2025 in Las Vegas, Jackie McGuire sits down with Jawahar Sivasankaran, President at Cyware, for an unmissable deep dive into the future of Cyber Threat Intelligence (CTI), agentic AI, and open-source security innovation. With nearly three decades of experience spanning hands-on engineering, go-to-market leadership, and cutting-edge product strategy, Jawahar shares insider insights on how CTI is evolving from fragmented alerts to unified, automated threat intelligence platforms.
Viewers will discover: Why alert fatigue is still crippling SOC teams—and how to fix it. The real-world impact of agentic AI in security operations. How model context protocol (MCP) and open-source collaboration are reshaping interoperability. Practical steps for CISOs to get high-value CTI results without a seven-figure budget.
Whether you’re a security leader, AI innovator, or just fascinated by the next wave of cyber defense, this conversation delivers actionable strategies, industry foresight, and a candid look at where AI and human expertise must meet.
Recorded live at Cyber Risk TV Studios, Mandalay Bay, during BlackHat 2025.
Segment Resources: https://www.cyware.com/resources/security-guides/cyber-threat-intelligence/what-is-threat-intelligence-management
To explore Cyware’s new Intelligence Suite, CTI automation capabilities, and open-source AI integration protocol, visit https://securityweekly.com/cywarebh.
- - Welcome to BlackHat 2025 from Las Vegas
- - Guest intro: Jawahar Sivasankaran, President at Cyware
- - 28 years in cybersecurity – from practitioner to president
- - Why cyber threat intelligence needs a unified approach
- - Integrating feeds, platforms & dark web monitoring
- - Sandboxing challenges & CTI integration
- - The rise of agentic AI in autonomous SOCs
- - From automation scripts to AI-driven outcomes
- - Guardrails for safe AI-driven remediation
- - Open-source MCP server & standards-based security
- - Practical CTI tips for resource-constrained CISOs
Jawahar is a seasoned leader with over 25 years of experience driving innovation, growth, and customer success in the security product space. He currently serves as President of Cyware, a pivotal role in empowering organizations with advanced, AI-driven threat intelligence and security solutions. Before Cyware, Jawahar was President and COO of Appgate, where he was responsible for all go-to-market functions including sales, marketing, and customer success, and held the position of a Section 16 public company officer. Before that, he was instrumental in transforming specialization sales for Splunk’s advanced security offerings, significantly contributing to growth and customer intimacy. He also held various leadership roles in go-to-market and product functions during his tenure at Cisco.
Agentic AI is Here—Are Your APIs Ready? – Michael Callahan – BH25 #3
In this must-see BlackHat 2025 interview, Doug White sits down with Michael Callahan, CMO at Salt Security, for a high-stakes conversation about Agentic AI, Model Context Protocol (MCP) servers, and the massive API security risks reshaping the cyber landscape.
Broadcast live from the CyberRisk TV studio at Mandalay Bay, Las Vegas, the discussion pulls back the curtain on how autonomous AI agents and centralized MCP hubs could supercharge productivity—while also opening the door to unprecedented supply chain vulnerabilities. From “shadow MCP servers” to the concept of an “API fabric,” Michael explains why these threats are evolving faster than traditional security measures can keep up, and why CISOs need to act before it’s too late.
Viewers will get rare insight into the parallels between MCP exploitation and DNS poisoning, the hidden dangers of API sprawl, and why this new era of AI-driven communication could become a hacker’s dream. Whether you’re a security leader, developer, or tech enthusiast, this conversation will leave you both fascinated and just a little bit scared—in the best way.
Segment Resources: Blog: https://salt.security/blog/when-ai-agents-go-rogue-what-youre-missing-in-your-mcp-security Survey Report: https://content.salt.security/AI-Agentic-Survey-2025_LP-AI-Agentic-Survey-2025.html
This segment is sponsored by Salt Security. Visit https://securityweekly.com/saltbh for a free API Attack Surface Assessment!
- - Welcome to BlackHat 2025 at Mandalay Bay
- - Introducing Michael Callahan, CMO of Salt Security
- - What is Agentic AI and why it sounds “dangerous”
- - How MCP servers broker AI agent communications
- - The hidden API explosion behind AI productivity
- - Shadow MCP servers and growing security risks
- - DNS poisoning as an analogy for MCP attacks
- - Why traditional security can’t keep up with AI speed
- - CISO decision-making under pressure to adopt AI
- - The “API fabric” concept and radioactive supply chains
- - Autonomous AI agents creating unpredictable vulnerabilities
- - How attacks can bypass detection by looking legitimate
- - Closing thoughts and where to find more Black Hat coverage
Michael Callahan is the Chief Marketing Officer at Salt Security, a leading API security firm. Appointed in October 2023, he brings over 20 years of cybersecurity executive leadership, with prior roles at Acronis, Cofense, McAfee, HP, FireMon, Juniper, and Zimperium. At Salt, he leads brand, demand generation, and global go‑to‑market strategy.
Why the traditional SOC model is broken – Matt Muller – BH25 #3
Live from the CyberRisk TV studio at Black Hat 2025 in Las Vegas, host Matt Alderman sits down with Matt Muller, Field CISO at Tines, for a deep-dive into how Security Operations Centers must evolve. From blowing up the outdated tier system to empowering junior analysts with AI, this conversation uncovers the real strategies driving next-gen cyber defense.
Muller explains why traditional SOC models create burnout, how AI can flatten team structures, and why measuring the right metrics—like Mean Time to Detect—is critical for success. They tackle the balance of human + AI orchestration, the security challenges of non-human identities, and how to rethink access controls for a machine-augmented future.
If you care about SOC transformation, AI-driven security workflows, and cyber resilience at scale, this is the conversation you can’t afford to miss.
Watch until the end for practical insights you can start applying today in your own security operations.
This segment is sponsored by Tines. Visit https://securityweekly.com/tinesbh to learn more about them!
- - Welcome to BlackHat 2025: Final Interview with Matt Muller
- - The Broken SOC Model: Why Legacy Approaches Fail
- - SOC Origins and Why Burnout Persists
- - Rethinking the SOC: Flipping the Model
- - Empowering Junior Analysts with AI
- - Do We Still Need Tiers? Flattening the SOC Structure
- - Senior Analysts as Researchers & AI Architects
- - AI in the SOC: Co-Pilot vs. Full Automation
- - Tooling & Trust: Barriers to Full Automation
- - Human + AI Orchestration with Consensus Controls
- - Securing AI Agents: Identity, Access & Insider Threats
- - Measuring SOC Success: The Metrics That Matter
- - Closing Thoughts & Where to Learn More
Matt Muller is an accomplished security leader with over a decade of hands-on experience in cybersecurity. Currently serving as Field CISO at Tines, Matt leverages his deep understanding of security operations and product leadership to shape product and cybersecurity strategies. His extensive background, which includes leadership roles at Coinbase and Material Security, enables him to offer strategic guidance to clients on how to integrate security automation, orchestration, and AI into their organizations, driving stronger defenses and innovation in the rapidly evolving security landscape.
BlackHat 2025 Wrap-Up: Predicting the Future of AI, Quantum & Cybersecurity – BH25 #3
At BlackHat 2025, the conversations got intense — and a little hilarious. Matt Alderman and Dr. Doug White closed out the week with a deep dive into the future of the internet, AI security, and the mysterious Model Context Protocol (MCP) — all while debating the fate of the Luxor Hotel and why Mandalay Bay’s lampshades are “tamperproof.”
From quantum computing disrupting HTTPS to agentic AI identity management and the browser plugin privacy crisis, they connect the dots on how security, trust, and monetization might change forever. Expect sharp insights, bold predictions, and a few laugh-out-loud moments about ice buckets, trash cans, and the bathroom wall problem of data privacy.
If you care about cybersecurity trends, internet infrastructure shifts, or just want to hear two pros riff on the weirdest rumors in Vegas, this is the wrap-up you don’t want to miss.
- - – Welcome to the Black Hat 2025 Wrap-Up
- - – The Mandalay Bay Lampshade Mystery
- - – Ice Buckets, Trash Cans, and On-Camera Laughs
- - – New Security Trends from the Show Floor
- - – What is the Model Context Protocol (MCP)?
- - – Quantum Computing and the Future of HTTPS
- - – Agentic AI, Identity Management, and Trust
- - – The Potential Death of Google Search
- - – How AI Could Reshape Internet Monetization
- - – The Browser Problem and Consumer Privacy
