Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Why AI agents don’t understand good or bad.

Trust: The ultimate defense against cyber deception?

On this episode of The Cybersecurity Defenders Podcast, we revisit the 2025 predictions shared by our guests throughout the year. From attackers and defenders to AI and the broader security industry, these forecasts capture what experts expected was coming next. Rather than judging accuracy - which is still too early to assess - we're examining the predictions themselves: where they aligned, how they clustered, and what those patterns reveal about the industry’s mindset as this year came to a close. Free from hindsight bias, this episode explores what remained uncertain as we entered 2026.

This week on the podcast, we cover a wave of attacks against network edge equipment and internet-exposed systems including an update on the recently patched Firebox 0-Day. After that, we cover two stories on browser extensions siphoning off data and making unwanted modifications to victim’s web browsing activity.

SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated.

Security teams don’t struggle to find issues. They struggle to move them forward. In this use case demo, we show how remediation coordination breaks down when assets have no clear owner, and how remediation orchestration restores accountability across teams, tools, and environments. You’ll see how security teams can move beyond manual handoffs, Slack messages, and guesswork by orchestrating remediation across teams, even when ownership is unclear or spans multiple domains.

Now that ggshield is installed, the next step is to authenticate it with GitGuardian so it can scan and talk to the API. The most common method is browser-based login: ggshield auth login This opens your browser and prompts you to sign in through the GitGuardian dashboard. It automatically generates an access token for you and stores it safely in your local configuration. By default, the token is scoped for secret scanning, which is what most people need. We’ll revisit scopes later.

In this video, I walk you step by step through the process of adding MCP servers to Google’s Antigravity. You’ll learn how they integrate with Antigravity and how to configure them correctly so everything runs smoothly.

Garrett Hamilton, CEO and Co-Founder of Reach Security, sits down with Todd Graham, Managing Partner at Microsoft’s venture fund M12, to discuss why modern cybersecurity programs struggle to reduce real risk — despite massive spending on tools. Recorded at Black Hat, the conversation explores how misconfigurations, unused controls, and operational blind spots create exposure long before attackers need advanced techniques.

Security teams know the attack techniques. What they don’t always know is how those techniques actually land in their environment. Reach maps your existing controls to MITRE ATT&CK (and D3FEND) and shows—visually—︎ which techniques are covered︎ which tools provide that coverage︎ and where real gaps exist Because “we have the tool” isn’t the same as “the technique is stopped.”