Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Bug bounty programs are more than just rewards for hackers—they’re a gateway to stronger security, global collaboration, and even career transformation. In this episode, Netta Oren, cybersecurity manager and seasoned bug bounty advocate, shares how organizations can build successful bounty programs, responsibly manage disclosures, and create a win-win culture for both companies and ethical hackers.

GPT-5 was jailbroken in under 24 hours using simple "storytelling" techniques that bypass safety guardrails. The key insight from our podcast? Individual AI requests appear legitimate but become dangerous when combined. Bad actors can request network code in one session, convincing emails in another, and credential collection forms in a third. Each task seems normal individually, but together they form a complete phishing toolkit.

We welcomed Ezra Woods, Security Engineer at Grand Canyon Education to Defender Fridays. Ezra discussed remote management tool abuse. He shared insights on current attack trends and practical defensive strategies you can use to protect your environment.

Threat hunters need evidence to find adversaries. Networks offer a broad and reliable source of evidence, helping hunters make sense of movement across their environment via an immutable record of activity. Traffic, unlike endpoints, cannot lie. But the rise of encryption complicates this picture, especially where decryption isn't an optimal or possible solution.

A critical zero-day (CVSS 10.0) in Adobe Experience Manager (AEM) Forms JEE 6.5.23.0 and earlier allows authentication bypass and remote code execution (RCE). AppTrana delivers immediate Day 0 protection with: Virtual patching before vendor fixes Continuous monitoring of exploit attempts 24×7 security team ensuring zero downtime With a public PoC already available, the risk is high. Apply the patch ASAP or protect instantly with AppTrana WAAP.

This demo uses the Advanced Query capability in Aurora Endpoint Defense to investigate an alert and learn that it was a part of a larger attack.

What happens if an API token or key is compromised? The ability to instantly revoke or block tokens during an incident is critical to stopping attackers. In this clip, Wallarm and Oracle experts discuss real-world challenges in detecting and disabling malicious tokens—and why mature incident response and tooling are essential for API security.

Learn how to unlock the full power of the ESXi command-line interface in this in-depth walkthrough. From enabling SSH and navigating esxcli namespaces to managing storage, networking, VMs and software packages — this video is packed with practical examples for real-world administration of VMware vSphere environments. Topics covered include: Enabling SSH and accessing the ESXi shell Exploring the structure and syntax of esxcli.

CloudCasa delivers certified, enterprise-grade data protection for Red Hat OpenShift across private, public, and edge environments. Protect VMs and containers with immutability, encryption, and isolated management domains. Gain reliable backups, disaster recovery, and migration across multi-cluster, multi-cloud, and multi-tenant setups. With automation-first design, zero-touch agents, and advanced recovery options, CloudCasa ensures your workloads are secure, recoverable, and portable—without limits.

Defending Against WAF, API, and DDoS Attacks In this video from SourceForge, Carlo Alpuerto of A10 Networks explains the "outside-in" protection philosophy behind ThreatX. He uses the metaphor of a castle wall, stating that the defense focuses on who and what is attacking it, rather than what is behind it. Alpuerto details the flexibility of the A10's ThreatX solution, which can be deployed in various hybrid scenarios, including on-premise physical or virtual environments, as well as different cloud environments like AWS, Azure, and GCP.