The Security Table

Hosted by Izar Tarandach, Matt Coles, and Chris Romeo

TechnologyInterviews guests

Website RSS feed

Episodes

105

Latest episode

Jun 2026

Language

EN-US

About the show

The Security Table is four cybersecurity industry veterans from diverse backgrounds discussing how to build secure software and all the issues that arise!

Listen to episodes

60 recent

June 3, 2026Episode 1140 min

The Agentic Access Problem: When AI Becomes Its Own Administrator

In this episode, we explore what happens when AI agents meet the security principle of least privilege. As agents gain the ability to request permissions, make decisions, and interact with systems on our behalf, the line between human and machine responsibility starts to blur. The discussion covers prompt fatigue, over-permissioned agents, and why "because the agent told me to" may become the next security anti-pattern—before taking a hilarious detour into EULAs, cookie notices, and Matt's unexpected habit of reading both.🚀 Join the ConversationIf your AI agent requested administrator access right now, would you know whether it actually needed it?FOLLOW OUR SOCIAL MEDIA:➜Twitter: @SecTablePodcast➜LinkedIn: The Security Table Podcast➜YouTube: The Security Table YouTube ChannelThanks for Listening!

May 8, 2026Episode 1042 min

The Tool Creep Problem: When More Security Means Less Security

In this episode, we break down why security budgets keep growing while organizations keep falling further behind. We explore how tool creep has quietly shifted from a nuisance into an active attack surface, and why agentic AI is becoming the insider threat no one planned for. Izar shares a firsthand account of watching an AI agent attempt increasingly creative workarounds to escape a sandbox, revealing just how much risk lives in the gap between what agents are told to do and what they are actually capable of. At the end of the day, it comes back to fundamentals: define your agents' boundaries, limit their capabilities to only what they need, and stop confusing tool accumulation with security maturity.🚀 Join the ConversationIf your AI agent were compromised today, would you even know it was the agent and not you?FOLLOW OUR SOCIAL MEDIA:➜Twitter: @SecTablePodcast➜LinkedIn: The Security Table Podcast➜YouTube: The Security Table YouTube ChannelThanks for Listening!

April 30, 2026Episode 947 min

The Human In The Loop Illusion: Why AI Approvals Are Failing Security

In this episode, a debate about hacker movies turns into a deeper conversation about AI, security, and the human-in-the-loop illusion. We explore how approval fatigue and AI-generated code can create a false sense of security and why fundamentals still matter.🚀 Join the Conversation Are we improving security, or just automating bad decisions faster?FOLLOW OUR SOCIAL MEDIA:➜Twitter: @SecTablePodcast➜LinkedIn: The Security Table Podcast➜YouTube: The Security Table YouTube ChannelThanks for Listening!

April 15, 2026Episode 847 min

The Mythos Problem: When AI Finds Every Vulnerability

In this episode, we break down the “AI Vulnerability Storm” and what happens when AI can find—and exploit—vulnerabilities faster than humans can fix them.We explore how compressed OODA loops are shifting the balance toward attackers, why traditional scoring like CVSS may start to break down, and whether “just patch faster” is even realistic anymore. The team also questions the push toward AI agents everywhere—and whether fighting AI with more AI actually solves the problem.At the end of the day, it comes back to fundamentals: reduce your attack surface, simplify your systems, and focus on what actually matters.🚀 Join the ConversationIs this a real shift in security—or just faster chaos?FOLLOW OUR SOCIAL MEDIA:➜Twitter: @SecTablePodcast➜LinkedIn: The Security Table Podcast➜YouTube: The Security Table YouTube ChannelThanks for Listening!

April 8, 2026Episode 747 min

What If AI Never Happened? The AppSec Reality Check

In this episode, we explore a simple but surprisingly deep question: what would application security look like if generative AI never existed? We break down how AppSec might still rely on deterministic, rule-based approaches, what we might gain in structure and rigor, and what we’d lose in speed, scale, and accessibility. Along the way, we debate whether AI is truly improving security or just accelerating existing problems, from “vibe coding” and false confidence in results to the growing gap between finding and fixing vulnerabilities.We also get into the tension between human-driven security practices and AI-assisted workflows, and whether the biggest challenges in AppSec are actually technical at all or still rooted in people and process. Plus, things take a turn as we let AI weigh in…and roast us a bit in the process.Per usual, it’s a mix of thoughtful discussion, strong opinions, and a little chaos.FOLLOW OUR SOCIAL MEDIA:➜Twitter: @SecTablePodcast➜LinkedIn: The Security Table Podcast➜YouTube: The Security Table YouTube ChannelThanks for Listening!

April 1, 2026Episode 649 min

The Evolution Problem: After 100 Episodes, What’s Changed… and What Hasn’t?

We made it to 100 episodes, so naturally, we decided to look back and see how wrong we’ve been. In this episode, we revisit some of our past topics, predictions, and hot takes to figure out what still holds up and what didn’t quite land. From “we don’t know what we don’t know” to the evolution of security tools, we reflect on what’s changed, what hasn’t, and why some problems never seem to go away. Along the way, we compare where we were then to where things stand now, calling out a few wins, a few misses, and everything in between. After all this time, are we actually any smarter, or just better at explaining the same problems? This episode is part reflection, part reality check, and a look at what 100 episodes have really taught us.FOLLOW OUR SOCIAL MEDIA:➜Twitter: @SecTablePodcast➜LinkedIn: The Security Table Podcast➜YouTube: The Security Table YouTube ChannelThanks for Listening!

March 25, 2026Episode 548 min

The Agent Access Problem: When AI Has the Keys, Who’s Really in Control?

In this episode, we dive into the messy reality of AI agents acting inside your systems and what that means for modern security. We explore the idea of agents as actors with real access—credentials, APIs, and permissions—and why this isn’t as new as it sounds (hint: it’s just applications all over again). We unpack where things actually get risky, from over-permissioned agents to unpredictable behavior driven by prompts, and why “it won’t go rogue” might be missing the point entirely. We also question the growing hype around AI governance, whether security teams are actually gaining control or just making more lists, and what happens when agents start talking to each other… and running up your bill. Per usual, the conversation is filled with sarcasm, skepticism, and a healthy dose of “maybe just add parental controls.”FOLLOW OUR SOCIAL MEDIA:➜Twitter: @SecTablePodcast➜LinkedIn: The Security Table Podcast➜YouTube: The Security Table YouTube ChannelThanks for Listening!

March 20, 2026Episode 436 min

The Invisible Code Problem: When You Can’t See the Attack, Can You Stop It?

In this episode, we dive into the strange world of invisible Unicode attacks and what they could mean for modern software security. We explore how hidden characters can be used to conceal malicious code within packages, why this isn’t entirely a new problem, and whether current tools, such as linters and SAST, are equipped to detect it. We also question the role of LLMs in both enabling and detecting these attacks, and whether this is a real emerging threat or just another overhyped security scare. Per usual, the conversation is filled with sarcasm, skepticism, and a healthy dose of “just don’t do it.FOLLOW OUR SOCIAL MEDIA:➜Twitter: @SecTablePodcast➜LinkedIn: The Security Table Podcast➜YouTube: The Security Table YouTube ChannelThanks for Listening!

February 6, 2026Episode 341 min

The Moltbook Dilemma: What Happens When AI Agents Start Networking

In this episode, we discuss the implications of AI technologies like OpenClaw and Moltbot, exploring the potential threats and societal changes that may arise from their integration into daily life. We talk about the nature of AI communication, the concept of agentic AI, and the philosophical questions surrounding the future of human and machine interaction. Per usual our conversation is laced with humor and skepticism about the rapid advancements in AI and their impact on society.FOLLOW OUR SOCIAL MEDIA:➜Twitter: @SecTablePodcast➜LinkedIn: The Security Table Podcast➜YouTube: The Security Table YouTube ChannelThanks for Listening!

January 28, 2026Episode 240 min

The Walking Dead of Security: When AI Resurrects the Build vs. Buy Debate

Are cybersecurity technologies really dead, or are reports of their demise greatly exaggerated? Today’s episode is a discussion on how AI is reshaping the classic build vs. buy debate, empowering non-engineers to create working prototypes and potentially reviving the DIY coding culture of pre-open-source days. We also talk about how developers trained on open source are now leveraging AI built from that same foundation, raising questions about innovation and originality in modern programming.Build vs Buy is Dead - AI Just Killed It Traditional Code Review is DeadFOLLOW OUR SOCIAL MEDIA:➜Twitter: @SecTablePodcast➜LinkedIn: The Security Table Podcast➜YouTube: The Security Table YouTube ChannelThanks for Listening!