All Episodes

Displaying 1 - 20 of 52 in total

Finding Misconfigurations Before Attackers Do

Misconfigurations are one of the quietest but most common ways attackers get a foothold, especially in cloud, identity, and hybrid environments. In this narrated Insig...

Secure Coding Foundations and the Bugs Attackers Love

Most security incidents do not start with sophisticated zero-day exploits; they begin with very normal bugs in very normal code. In this episode, we walk through Secur...

Making Sense of Cloud IAM Accounts and Roles

Cloud permissions should not feel like a guessing game. In this narrated Insight, we walk through the essentials of Cloud Identity and Access Management (Cloud IAM) in...

Getting Accounts, Roles, and Least Privilege Right in the Cloud

Cloud Identity and Access Management (IAM) can feel like a maze of accounts, roles, and policies, especially once your cloud footprint starts to grow. In this audio ve...

SaaS Security Essentials for Cloud-First Teams

Software as a Service (SaaS) has become the default way many teams get work done, but that convenience comes with a messy tangle of accounts, data flows, and vendor re...

From Endpoints to Ecosystem – API Security for Microservices

When your organization embraces microservices, every new service usually brings another application programming interface (API) to protect. This narrated Tuesday “Insi...

SPF, DKIM, DMARC and the Battle Against Email Spoofing

Email spoofing sits at the center of so many phishing campaigns, and SPF, DKIM, and DMARC email authentication give you a way to push back with clear, technical signal...

Security Metrics That Actually Matter to the Business

Many security teams are flooded with data but still struggle to explain to leaders what is actually getting safer, what remains exposed, and where new investment will ...

Making Multi-Factor Authentication Actually Work for People

Multi-Factor Authentication (MFA) is one of the highest-impact defenses most teams already own, but it often lands as pure friction instead of real protection. In this...

Getting Session Management and SSO Under Control

In this narrated Insight, we unpack how session management and Single Sign-On (SSO) quietly shape every login across your environment. You will hear how sessions tie a...

Making Sense of SBOMs and Software Supply Chains

This narrated Insight explores Software Bill of Materials (SBOM) as a practical tool for understanding and managing software supply chain risk. Across two focused segm...

Using Data Safely with Masking and Anonymization

This narrated Insight walks through how data masking and anonymization let teams work with rich, realistic data without casually exposing real people. You will hear cl...

Choosing Between Role-Based and Attribute-Based Access

Access control choices are rarely just academic; they show up every day in how your team grants, reviews, and revokes access. In this narrated Insight, we walk through...

From Inbox to Incident – Email Attachments, Links, and Everyday Defenses

Inbox risk is still where a lot of bad days begin. In this Tuesday “Insights” episode of Bare Metal Cyber, we break down how everyday email attachments, links, and “ro...

Identity Lifecycle 101 – Getting Joiners, Movers, and Leavers Right

Identity lifecycle management (ILM) is one of those foundational practices that quietly makes or breaks your security posture. In this narrated Insight, we walk throug...

Learning to Hunt Threats Before Alerts Explode

Threat hunting can sound like something reserved for elite analysts, but this episode shows how it becomes a calm, structured habit any thoughtful defender can build. ...

Mapping the Quiet Highways Between Your SaaS Tools

When your organization lives inside dozens of Software as a Service (SaaS) tools, the real action often happens in the connections between them. In this narrated Tuesd...

Making Sense of Identity Threat Detection and Response (ITDR)

Identity Threat Detection and Response (ITDR) is all about seeing security through the lens of accounts, not just machines and networks. In this audio version of my Tu...

Password Managers in the Real World of Enterprise Chaos

Enterprise password habits are rarely as clean as our policies suggest, and that gap is where risk quietly grows. In this narrated edition of our Tuesday “Insights” fe...

Remote Work Security That Actually Works at Home

Remote work is no longer a special case, and many security issues now begin on a home network or a personal device. In this audio edition, we walk through Remote Work ...

Broadcast by