Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this episode, we're excited to introduce Barnett Klane, VP of Product at Trolley, the leading payouts platform powering the internet economy. Trolley enables businesses to automate global payments to creators, freelancers, and contractors across 210+ countries and territories, serving major companies. Barnett previously founded MyManual and held product roles at Bugcrowd, bringing deep expertise in building products at the intersection of payments, compliance, and creator platforms.

Security tools don’t usually break. They just slowly stop doing what you think they’re doing. Or perhaps were never set up to do what you needed in the first place. Something got deployed. It worked. Then it drifted. No one noticed. And three years later, you’re questioning the renewal because you’re not even sure what it’s protecting anymore. That’s configuration rot. Thanks to Julian Lee at eChannelNews for the fun, thoughtful and much needed conversation on this topic and more.

This week on the podcast, we cover the WatchGuard Threat Lab's Internet Security Report for the second half of 2025. In this episode, we cover the latest trends in malware at both the network perimeter and endpoints, network attacks, and the top malicious domains from the period before, and end with some tips everyone can use to defend their networks.

We don’t bend the elements, but we do help defend against dodgy AI avatars – meet Avast: The last online protector you’ll ever need.

In this episode, we look at Moltworker (for OpenClaw) and Markdown for Agents — including how converting HTML to markdown can reduce a 16,000-token page to ~3,000.

Is Cursor’s new Composer 1.5 model a major leap forward, or just a marginal update? Today, we’re putting the latest version of Cursor’s agentic AI to the test using our "Production-Ready Note App" prompt. We compare the speed, UI design, and agentic capabilities of 1.5 against version 1.0. Most importantly, we run a full security audit using the Snyk extension to see if the AI-generated code is actually safe for production.

This week’s briefing covers: Dive deeper.

Browser security is built around human control. AI browsers break that model. By inserting an assistant that can interpret content and act inside authenticated sessions, behaviors can be manipulated beyond what traditional defenses can detect. Security leaders need to catch this Cato CTRL Cybersecurity Masterclass to see how attackers exploit AI Browser behavior, and what defenders can do to respond.

Aviram (Jit Co-Founder) chats with Pixellot about cutting SCA noise by focusing only on vulnerable packages that are direct dependencies and proven loaded at runtime. Delivered as a daily/weekly report via a custom Jit agent.

In less than 5 minutes, you'll learn how to set up a no-code automated workflow that generates and emails real-time vulnerability reports from Socket using the Tines Story library.