Welcome back to the show! Hacker Valley Studio podcast features Host Ron Eddings, as he explores the world of cybersecurity through the eyes of professionals in the industry. We cover everything from inspirational real-life stories in tech, to highlighting influential cybersecurity companies, and we do so in a fun and enthusiastic way. We’re making cybersecurity accessible, creating a whole new form of entertainment: cybertainment.
Episodes
17 hours ago
17 hours ago
Three banks in four days isn't just a bragging right for penetration testers. It's a wake-up call showing that expensive security tools and alarm systems often fail when tested by skilled operators who understand both human behavior and technical vulnerabilities.
Greg Hatcher and John Stigerwalt, co-founders of White Knight Labs, talk about their latest physical penetration tests on financial institutions, manufacturing facilities protecting COVID-19 vaccine production, and why their new Server 2025 course had to rewrite most common Active Directory tools. They share stories of armed guards, police gun draws, poison ivy reconnaissance, and a bag of chips that saved them from serious trouble. The conversation reveals why EDR alone won't stop ransomware, how offline backups remain the exception rather than the rule, and what security controls actually work when attackers bring custom tooling.
Impactful Moments:
00:00 - Intro
01:00 - New training courses launched
03:00 - Server 2025 breaks standard tools
05:00 - COVID facility physical penetration
07:00 - Armed guards change the game
10:00 - Police draw guns on operators
13:00 - Bag of chips saves the day
15:00 - Nighttime versus daytime physical tests
18:00 - VIP home security assessments
20:00 - 2026 threat predictions
22:00 - Why EDR doesn't stop ransomware
27:00 - Low cost ransomware simulation ROI
29:00 - Three banks in four days
32:00 - Deepfake as the new EDR
Links:
Connect with our guests –
Greg Hatcher: https://www.linkedin.com/in/gregoryhatcher2/
John Stigerwalt: https://www.linkedin.com/in/john-stigerwalt-90a9b4110/
Learn more about White Knight Labs: https://www.whiteknightlabs.com
Check out our upcoming events: https://www.hackervalley.com/livestreams
Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Thursday Dec 11, 2025
Thursday Dec 11, 2025
When your firewall forgets to buckle up, the crash doesn’t happen in the network first, it happens in your blindspots.
In this episode, Ron is joined by returning guest Chris Hughes, Co-Founder of Aquia and host of the Resilient Cyber podcast. Chris helps reframe vulnerability work as exposure management, connect technical risk to human resilience, and break down the scoring and runtime tools security teams actually need today. Expect clear takeaways on EPSS, reachability analysis, ADR, AI’s double-edged role, and the one habit Chris swears by as a CEO. This episode fuses attack-surface reality with mental-attack-surface strategy so you walk away with both tactical moves and daily practices that protect systems and people.
Impactful Moments:
00:00 - Intro
02:00 - Breaking: Fortinet WAF zero-day & visibility lesson
05:00 - Meet Chris Hughes: CEO, author, Resilient Cyber host
08:00 - Mental attack surface explained and why it matters
18:00 - From CVSS to EPSS, reachability, and ADR realities
21:00 - AI as force-multiplier for attackers and defenders
24:30 - Exposure vs vulnerability naming, market trends
26:00 - Chris’s book & how to follow his work
30:00 - Ron’s solo: 3 pillars to patch your mindset
34:00 - Closing takeaways and subscribe reminder
Links:
Connect with our guest, Chris Hughes, on LinkedIn: https://www.linkedin.com/in/resilientcyber/
Check out the article on the Fortinet exploit here: https://www.helpnetsecurity.com/2025/11/14/fortinet-fortiweb-zero-day-exploited/
Check out our upcoming events: https://www.hackervalley.com/livestreams
Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Thursday Dec 04, 2025
Thursday Dec 04, 2025
The real disruption isn’t AI replacing humans, it’s the shocking possibility that human labor was the economic bubble all along.
In this episode, Ron Eddings sits down with Daniel Miessler, founder of Unsupervised Learning and longtime security leader, to break open why companies are hitting record profits with shrinking workforces, and what that means for your future. Daniel shares how AI agents, context management, and his Telos problem-first framework are reshaping what it means to create value in the modern economy. From Apple to Human 3.0, Daniel explains why building in public, learning fast, and solving real problems are the ultimate career edge in an AI-powered world.
Impactful Moments:
00:00 - Introduction
02:00 - Jobless profit boom accelerates
05:00 - Daniel's AI journey at Apple
08:00 - Building careers around problems
12:00 - AI bubble or timing problem
15:00 - Nine-year-old codes app in two hours
18:00 - Human labor is the bubble
22:00 - Context management changes everything
26:00 - Adaptation equals survival
Links:
Daniel’s Website: danielmiessler.com/
Daniel’s Github: https://github.com/danielmiessler/
Daniel’s LinkedIn: https://www.linkedin.com/in/danielmiessler/
Upcoming events: https://www.hackervalley.com/livestreams
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio
Tuesday Dec 02, 2025
Tuesday Dec 02, 2025
AI agents aren't just reacting anymore, they're thinking, learning, and sometimes deleting your entire production database without asking. The real question isn't if your AI agent will be hacked, it's when, and whether you'll have the right hooks in place to stop it before it happens.
In this episode, Ron breaks down the ChatGPT Atlas vulnerability that shocked researchers, revealing how malicious prompts can turn AI assistants against their own users by bypassing safeguards and accessing file systems. He presents his new talk "Hooking Before Hacking," introducing a framework for applying EDR principles, prevention, detection, and response, to AI agents before they execute unauthorized commands. From pre-tool use hooks that catch malicious intent to one-time passwords that put humans back in the loop, this episode shares practical security controls you can implement today to prevent your AI agents from going rogue.
Impactful Moments:
00:00 - Introduction
02:00 - ChatGPT Atlas vulnerability exposed
04:00 - AI technology outpacing security guardrails
05:00 - Guardrail jailbreaks and prompt injection
06:00 - AI agents deleting production databases
07:00 - EDR principles for AI agents
09:00 - Pre-tool use hooks catch intention
11:00 - User prompt sanitization prevents leaks
14:00 - One-time passwords for agent workflows
16:00 - Automation mistakes across 10 years
Links:
Connect with Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/
Check out the entire article here: https://www.yahoo.com/news/articles/cybersecurity-experts-warn-openai-chatgpt-101658986.html
GitHub Repository: https://hackervalley.com/hooking-before-hacking
See Ron's "Hooking Before Hacking" presentation slides here: http://hackervalley.com/hooking-before-hacking-presentation
Check out our website: https://hackervalley.com/
Upcoming events: https://www.hackervalley.com/livestreams
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio
Thursday Nov 13, 2025
Thursday Nov 13, 2025
What if your security team never missed a single alert and actually had time to think strategically?
In this episode, Ahmed Achchak, CEO and Co-Founder of Qevlar AI, reveals how autonomous SOCs are reshaping security operations worldwide. From tackling alert fatigue to empowering analysts with intelligent AI-driven investigations, Ahmed shares the inside story of building a system that can act on threats faster than any human alone. Learn how Qevlar’s innovative approach is giving organizations clarity, control, and measurable ROI while freeing security teams to focus on what truly matters.
Impactful Moments
00:00 - Introduction
01:30 - Founding Qevlar AI by chance
03:30 - Inefficiency of current SOCs
05:00 - Augmenting analysts, not replacing them
08:00 - AI investigating alerts at scale
11:30 - How autonomous agents handle phishing
14:30 - Why tackling all alerts maximizes ROI
17:30 - Graph technology as investigation backbone
25:00 - Limitations and randomness of LLMs
30:30 - Advice for testing AI in SOCs
Links
Connect with our guest Ahmed on LinkedIn: https://www.linkedin.com/in/ahmed-achchak-872554109/
Check out Qevlar’s website: https://www.qevlar.com/
Check out our upcoming events: https://www.hackervalley.com/livestreams
Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio
Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com
Continue the conversation by joining our Discord: https://hackervalley.com/discord
Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/