From the buzzing floors of Black Hat 2025 in Las Vegas, CyberRisk TV brings you an exclusive sit-down with Danny Jenkins, CEO & Co-Founder of ThreatLocker. In this high-energy interview, host Doug White dives deep into the real-world challenges of FedRAMP compliance, the million-dollar prep lessons, and the critical importance of secure configurations.
Danny shares unfiltered insights into Defense Against Misconfigurations — ThreatLocker’s new approach that helps organizations lock down endpoints, enforce application control, and spot hidden risks before attackers do. From Russian-made 7Zip to Chinese coupon clippers lurking in browsers, the conversation reveals shocking examples of threats hiding in plain sight.
Whether you’re a cybersecurity pro, IT leader, or compliance specialist, this interview offers a rare, behind-the-scenes look at the pain, process, and payoff of operating at the highest security standards in the industry.
Watch to learn:
- What FedRAMP really means (and why it’s so expensive)
- How auditors can make or break your compliance process
- Why DAC is changing how companies approach endpoint security
- Real stories from the frontlines of threat detection
Recorded live at Black Hat USA 2025 — Mandalay Bay, Las Vegas
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerbh to learn more about them!
- 0:00 - Live from Black Hat 2025 in Las Vegas
- 01:00 - Meeting ThreatLocker CEO Danny Jenkins
- 02:10 - FedRAMP: What It Is and Why It Matters
- 03:30 - The Pain and Price of FedRAMP Audits
- 05:00 - Auditor Challenges and Compliance Confusion
- 07:15 - How ThreatLocker Approaches Zero Trust Security
- 09:00 - Launching Defense Against Misconfigurations (DAC)
- 12:00 - Shocking Software Risks: 7Zip, Coupon Clippers & More
- 14:20 - Application-Level Security Policies Explained
- 16:45 - Final Thoughts from Black Hat 2025
Danny Jenkins is the CEO and Co-Founder of ThreatLocker, a cybersecurity company specializing in Zero Trust endpoint protection solutions. With over two decades of experience in building and securing corporate networks, including red and blue team operations, Jenkins is a recognized authority in the cybersecurity industry. He is dedicated to advancing cybersecurity awareness and frequently speaks on topics such as ransomware and the Zero Trust approach. Jenkins began his cybersecurity career in 1997 as an ethical hacker. His early career experiences reinforced the importance of proactive, robust cybersecurity measures.









