SECURITY.COM The Podcast

SIEM was supposed to be the nerve center of every security operation — collect every log, correlate every event, surface every threat. Most organizations ended up with an expensive log warehouse that generates more noise than signal.Recorded live from RSAC, Dan sits down with Justin Falck — Head of Product for Endpoint at the Enterprise Security Group at Broadcom — to break down where the SIEM model broke, why "magic correlation" never showed up, and what's actually replacing it in modern security operations.In this episode:The original promise of SIEM and where the math fell apartHow detection engineering became a budget black holeWhy XDR and MDR are reshaping the SOC"Owning the blades" — vendor-native correlation vs. data-lake aggregationWhere SIEM still works (and the team sizes it takes)A look at CBX, Carbon Black's XDR launch from RSACMore at security.com. Subscribe, rate, and share with your fellow defenders.Stay sharp, stay curious, stay human.

The Evolution of Cybersecurity Media & PR — with Tony Welz, W2 CommunicationsCybersecurity went from a niche trade-press beat to a nation-state strategy domain in about 25 years. Dan Mellinger sits down with Tony Welz, co-founder of W2 Communications — a strategic communications agency that's specialized in cybersecurity for 23 years — to unpack how the story got told along the way, and who's telling it now.Tony's been in the room for nearly every inflection point: working with Sourcefire from their A-round through their Cisco acquisition, watching FireEye seed the modern threat-research content model, navigating the Target/Sony/Ashley Madison breach era, and helping clients adapt to today's SEC disclosure rules and geopolitical cyber reality.

Iran has always been active in cyberspace — but with U.S. and Israeli kinetic operations underway in March 2026, they're under pressure to make an impact, and cyber is where they can fight asymmetrically. Dan Mellinger and Symantec threat intelligence veteran Dick O'Brien break down what defenders are actually seeing right now: active intrusions on 5–6 organizations in the U.S. and Canada, the recent Stryker attack that weaponized Microsoft Intune instead of malware, and why Iranian operators are rapidly absorbing Russian cloud-attack tradecraft. Plus: why Iran is effectively the #2 most prevalent nation-state adversary, the surprisingly effective social engineering campaigns they're running, the little-known Iranian origins of modern ransomware, and the practical steps every U.S.-facing organization should take this week.More analysis at security.com.

How did Data Loss Prevention go from a forgotten niche to a boardroom necessity? In this episode, host Dan Mellinger sits down with Matt Jones, Channel Technical Director for Information Security at Broadcom's Enterprise Security Group, to trace the full arc of DLP — from its earliest roots to its role in today's enterprise security stack.Matt brings over two decades of hands-on experience, from the days of MimeSweeper and email content inspection to building managed DLP services and working with Symantec DLP for 15+ years. Together, they explore:🕰️ The pre-DLP era — when data protection meant "don't leave documents on the printer"📜 The regulatory turning points — HIPAA, Sarbanes-Oxley, and how GDPR made the board finally pay attention🔍 How breach types evolved — from accidental data leaks to deliberate insider threats🤖 The role of AI and machine learning in modern data classification☁️ DLP in a cloud-first world — why the perimeter is gone and what that means for your data strategy💡 Matt's #1 piece of advice: Start with accurate data classification — and don't forget to review your policiesWhether you're a security practitioner, a CISO, or just trying to understand why DLP matters more than ever, this episode delivers real history, real context, and real talk.🔗 More insights at Security.com 🎧 Subscribe | Rate | ShareStay sharp, stay curious, and stay human.#Cybersecurity #DLP #DataLossPrevention #InfoSec #SecurityPodcast #DataSecurity #Symantec #Broadcom #CloudSecurity #ZeroTrust

As AI shifts from passive large language models (LLMs) to active "Agents" capable of executing tasks, the cybersecurity landscape is hitting a fever pitch. In this episode, recorded ahead of their Black Hat Europe presentation, your go-to cybersecurity communicator Dan Mellinger sits down with Paul Miller (Threat Intelligence & Ops Leader) and Dick O’Brien (Principal Research Editor, Symantec & Carbon Black) to dissect the escalating AI arms race.From the rise of "SpamGPT" to the shift toward "Predictive Security," we explore why defenders might actually have the winning hand in an AI-driven world.

In this episode, Dan Mellinger and Paul Miller host Cooper Quintin from the Electronic Frontier Foundation (EFF) to discuss the evolving landscape of cybersecurity, privacy threats, and the importance of human rights in the digital age. They explore the impact of smartphones on privacy, the role of tools like Privacy Badger, and the need for comprehensive privacy legislation. The conversation also highlights the significance of activism and community involvement in advocating for digital rights and privacy protections.

Dick O'Brien details the Symantec Threat Hunters cybersecurity predictions for 2026. One of which we've already seen come to pass in January.Five Cyber Predictions for 2026: https://www.security.com/feature-stories/five-cyber-predictions-2026

Dan Mellinger and Paul Miller chat with the legendary Chris Wysopal. They discuss the evolution of cybersecurity, the impact of AI on code security, and the responsibilities of developers in the age of automated coding tools. They explore the legacy of The L0pht, the challenges of integrating AI into security practices, and the importance of maintaining vigilance in code security despite advancements in technology.

The cyber-extortion epidemic reached new heights in 2025, with a record number of attacks recorded. This increase is being powered by a new breed of attackers who eschew encryption and rely solely on data theft as leverage for extortion.Recorded live at Black Hat Europe in London, Symantec & Carbon Black Threat Hunter, Dick O'Brien shares how Ransomware strategies shifted in 2025 and what's coming in 2026.

Dan talks data security in the age of AI with the CEO of Seclore, Vishal Gauri.

Dan Mellinger interviews the legendary cybersecurity vulnerability researcher and open-source tool developer, Jerry Gamblin. They explore the importance of understanding CVEs, the role of MITRE, and the significance of the CNA Scorecard in improving data quality. Jerry shares insights on the challenges of managing vulnerabilities, the impact of decentralization, and the need for collaboration among software vendors. The conversation also touches on best practices for vulnerability management, addressing vulnerability fatigue, and the potential of AI in enhancing data processes. Jerry concludes with a glimpse into upcoming projects and innovations at RogoLabs.You can check out all of Jerry's open source tools here: https://rogolabs.net

Paul Miller talks about a topic close to his heart: managing Security Operations team workload. He discusses the causes of analyst burnout, along with signs and ways to help mitigate the impacts, both human and operational.

Dan sits down with Monica White, the CMO of the Enterprise Security Group at Broadcom (and his boss), to talk about the often winding career paths in marketing, early best practices, and understand how authenticity is the key to build durable brands.

Dan sits down with his colleague Nate Fitzgerald (head of product management for ESG) to discuss how and why the cybersecurity market has been transitioning from individual Products to (sometimes) integrated Platforms.

Simon Edwards, Founder and CEO of SE Labs, and Adam Bromwich, CTO of the Enterprise Security Group at Broadcom join Dan in Las Vegas to dive into the details on cybersecurity testing which has been one of the more consistently dramatic topics in the industry.Definitely check out SE Labs to learn more from the best real world performance testing in the industry: https://selabs.uk

Recorded from Hacker Summer Camp in Las Vegas, Dan dives deep into the history and current state of measuring cybersecurity vulnerability risk at scale with the team from Empirical Security. Ed, Michael, and Jay discuss some of the history of vulnerability measurement through the last decade and how they thin the time is now for organizations to start applying highly-specific local vulnerability modeling to their security strategies.There is a ton of amazing information you won't find anywhere else on the Empirical Security Blog: https://www.empiricalsecurity.com

Dan sits down with author Alex East to discuss cybersecurity tips for Seniors and Parents. You can find Alex's books on Amazon: https://www.amazon.com/stores/Alex-Ea...Sorry about the video quality, one of the SSDs on the external recorder was having issues.

Paul Miller recounts a critical incident involving threat intelligence that potentially prevented a nuclear disaster. They explore the geopolitical context surrounding the incident, the challenges of incident response, and the complexities of attributing cyber attacks to specific threat actors. The conversation highlights the importance of threat intelligence in understanding and mitigating risks, as well as best practices for incident response in the face of evolving cyber threats.Takeaways:- Threat intelligence is crucial for understanding cyber threats.- Geopolitical events can significantly impact cybersecurity.- Incident response requires quick decision-making and analysis.- Attribution of cyber attacks is complex and fraught with challenges.- Cybersecurity incidents can have far-reaching consequences.- Effective communication with government agencies is essential.- Historical data analysis is key to threat hunting.- Most cybersecurity work involves routine tasks, with occasional high-stakes incidents.- The evolution of cyber threats necessitates constant vigilance and adaptation.- Collaboration within the cybersecurity community enhances overall defense strategies.

In the first episode of SECURITY.COM The Podcast, hosts Dan Mellinger and Paul Miller discuss the upcoming Hacker Summer Camp, which includes major cybersecurity conferences like DEF CON, Black Hat, and B-Sides. They provide an overview of each event, highlighting their unique focuses and the importance of networking and learning. The conversation also covers essential safety tips for attendees, emphasizing the need for encryption and caution in sharing personal information. The episode concludes with a preview of future topics and a reminder to stay curious and human in the cybersecurity field.TakeawaysHacker Summer Camp includes DEF CON, Black Hat, and B-Sides.Diana Initiative aims to increase diversity in cybersecurity.B-Sides is known for its high-quality talks and community feel.Black Hat focuses on actionable content for corporate security.DEF CON is the largest hacking conference, celebrating all aspects of hacking.Attendees should prioritize safety and use VPNs during conferences.Cash ATMs in casinos are safer than others for withdrawals.Be cautious of oversharing personal information at events.Use encrypted communication tools to protect data.The Wall of Sheep highlights the importance of cybersecurity awareness.

Join Dan Mellinger, your go-to cybersecurity communicator, and Paul Miller, seasoned threat intelligence and operations leader, on SECURITY.COM The Podcast, a show that bridges the gap between cutting-edge security tech and the humans who make it work. Delivering enterprise-grade security insights for all.Every first and third week each month, they unpack hard-nosed technical deep dives—from threat hunting and breaking analysis to the not-so-secrets of Data Security and SSE others won’t tell you—all rooted in the same high‑quality content and bold thought leadership you’ve come to expect on SECURITY.COM.