WE'RE IN!

Hosted by Synack

Technology ManagementInterviews guests

Website RSS feed

Episodes

Latest episode

May 2026

Language

About the show

On WE’RE IN!, you'll hear from the newsmakers and innovators who are making waves and driving the cyber security industry forward. We talk to them about their stories, the future of the industry, their best practices, and more.

Listen to episodes

60 recent

June 15, 202615 min

Becoming a Level 5 Researcher in Just 3 months with Austin, Synack Red Team

In this episode of WE'RE IN, Josh Mason sits down with SRT member Austin, a rising star on the Synack Red Team. Austin shares his hacker origin story and pulls back the curtain on what it takes to break into elite researcher programs. He also deep-dives into his recent "heavy hitter" win: using a JSON Web Token inspection to completely demolish the authorization schema of a U.S. financial services platform, gaining full administrative control. TIMESTAMPS: 00:00 - Introduction 00:39 - A Day in the Life of an SRT Hacker 02:08 - Fast Track to Synack Red Team Level 5 03:12 - Hacker Origin Story 04:40 - Mentorship in Synack Red Team 05:46 - HackerOne vs. Synack: Why Synack is Better for Researchers 07:02 - How Patch Verifications Actually Work 09:16 - Compromising a Financial Platform via JWT 11:10 - Advice to Join the Synack Red Team: Get your OSCP 12:32 - Advice to Cyber Newbies: Always Keep Learning 14:14 - Hunting Authorization and Injection Issues for Synack Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

May 26, 202623 min

Getting Paid to Break Stuff with Ty Bross, SRT

On this episode of WE'RE IN, Josh Mason sits down with Ty Bross, Offensive Security Lead for Sidekick Security and Researcher for the Synack Red Team. Ty discusses his teenage hacking origins, how he broke into the cybersecurity profession, his favorite hacks, and advice to aspiring penetration testers. Chapters: 00:00 Introduction 01:50 Understanding Business Logic Vulnerabilities 03:44 Hacker Origin Story 08:18 Joining the Synack Red Team 09:32 Staying Sharp by Hunting for Bugs 11:00 Supplemental Income with The Synack Red Team 11:43 Collaboration with the Synack Red Team 16:37 Chaining Small Exploits Together 17:50 Advice to Aspiring Synack Red Team Researchers 20:54 What Customers Don't Know About Pentesters Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

April 28, 202624 min

The 9-Year SRT Veteran: Ozgur Alp on the Evolution of Hacking

In this episode, host Josh Mason chats with Synack Red Team Legend Ozgur Alp, who shares his offensive security journey from university to big four consulting to full-time Synack Red Team researcher. Ozgur gives his unique take on where AI excels (and falls short), which roles AI will replace, and whether the cost of AI is sustainable in the long-term. Chapters: 00:00 Introduction: Meet Ozgur 03:28 Joining the Synack Red Team 07:13 Critical Authorization and Authentication Bugs 08:03 Why Ozgur Still Uses Burp 1.7.37 08:32 Pentesting with AI and Automation 09:12 Will AI Replace Human Pentesters? 11:53 Why AI Struggles with Business Logic 13:45 Why Google Can't "Solve" XSS (Even with AI) 14:47 How Mythos is Changing Offensive Security 16:15 The Benefits of Hacking with AI 17:09 How AI is Changing Pentesting 19:42 Vibe Coding is Creating More Security Vulnerabilities 23:11 Is the Cost of AI Sustainable Long-Term? 23:51 Closing Remarks Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

April 21, 202627 min

From Bikes to Bytes: Breaking into Security with Tim Nordvedt

Josh Mason sits down with Tim Nordvedt, Synack's Senior Manager of North American Solutions Architects, to discuss his unique cybersecurity origin story, the power of networking, automating attack surface discovery, and why "falling in love with learning" is the only way to survive an AI-driven security landscape. Chapter Timestamps 00:00 Introduction: Meet Tim Nordvedt 01:05 Security Origin Story 02:36 The Commodore 64: A Forgotten Connection to Tech 03:35 The Classroom Moment: Discovering Offensive Security 04:54 Collecting Certs and Networking Like Crazy 09:37 Reframing Imposter Syndrome: Skills are Never Wasted 10:34 Lessons as a Bike Mechanic: Translating Technical Value 14:31 Trying Out for the Synack Red Team (SRT) 15:29 Transitioning to Solutions Architecture (SA) 18:40 Building Tools: Automating Attack Surface Discovery (ASD) 21:48 Proactive Defense: Providing Value to Customers 25:14 Career Advice: Fall in Love with Learning 25:39 Upskill for the Future: AI and Agentic Red Teaming 26:43 Closing Thoughts Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

April 9, 202619 min

Teri Green: "AI is Artificial, YOU are the Intelligence!"

In this episode of WE'RE IN, host Josh Mason sits down with Teri Green, VP of Technology at Elevate and CIO/CISO at Light Technology Solutions. Teri breaks down her proprietary TEST Framework (Touch, Execute, Store, Trust)-a practical toolset for CISOs to evaluate AI risk beyond simple vulnerabilities. They discuss why humans remain the greatest vector in the age of AI, how to teach digital citizenship to the next generation, and why the basics of security still apply even as we move toward a quantum future. Timestamps: [00:00] Welcome, meet Teri Green [00:43] Cybersecurity Origin Story [01:44] Degrees and Certifications [02:34] Career Path and Leadership [03:28] TEST AI Risk Framework [05:30] AI Trust and Human Factor [06:53] Teaching AI Ethics to Kids [08:34] Governance Outpaced by AI [09:42] Upcoming Talks and Takeaways [12:37] Learning AI and Plain Language [16:17] AI Already in Your Org [18:13] Where to Follow Teri [18:58] Closing and Thanks Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

March 3, 202612 min

From 14-Year-Old Bug Hunter to Level 5 SRT Hero

In this episode of WE’RE IN, Josh Mason sits down with Sayaan Alam, a Level 5 Synack Red Team (SRT) member who started his hacking journey at 14 years old. Sayaan shares his story of how he became the second-youngest researcher onboarded to the SRT and how he climbed the ranks to become recognized on the Synack Acropolis. Timestamps: 00:54 Meet Sayaan: Starting Bug Bounties at 14 01:33 Joining the Synack Red Team (SRT) 03:18 SRT Onboarding Process 04:41 Climbing the Tiers: From Level 1 to Level 5 05:42 Why Synack is Different from Other Platforms 06:30 Improving Professional Pentesting Skills 06:58 Finding Patterns in Client Architectures 08:32 The AI Chatbot Vulnerability: SSRF Case Study 10:57 Remediation Advice for AI File Handling 11:58 Trends in AI Chatbot Security & Stored XSS 13:12 Thoughts on Sara: The Synack Autonomous Red Agent 14:29 How to Connect with Sayaan 15:07 Outro and Closing Remarks Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

January 13, 202627 min

How AI is Changing Offensive Security: Webinar

This conversation explores how AI is transforming the offensive security landscape, focusing on the rise of AI-driven vulnerabilities, the evolution of pen testing, and the integration of human and AI efforts in cybersecurity. The discussion highlights the importance of adapting to new threats and the role of Synack's Autonomous Red Agent in enhancing vulnerability detection and remediation processes.Timestamps04:51Traditional vs. Modern Pen Testing Approaches07:55The Role of Human Analysts in AI-Driven Security10:57Introducing Sara Pentest: A New Era in Testing13:16Executing a Sara Pentest: A Step-by-Step Guide20:13Real-Time Insights from Sara Pentest23:20Technical Difficulties and Collaboration23:25Exploring Pen Test Engagements27:00Successful Pen Test Outcomes and Future Implications Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

January 12, 202628 min

Dive Into Pentesting with Bloodtyper

Synack Red Team member Bloodtyper reveals his journey from the DMZ to discovering critical AI prompt injection vulnerabilities. Learn how he creates bug bounty reports that get accepted, as well as other golden nuggets of advice to learn and grow your penetration testing skills.CHAPTERS:0:00 Introduction01:03 Military Origins & The DMZ01:58 Hacker Origin Story04:06 Transitioning from Infantry to Tech07:22 Joining the Synack Red Team (SRT)08:04 Learning with Hack The Box09:52 Bug Bounty Reporting Strategy12:14 Synack Vuln Ops16:03 Advice for New Pentesters18:44 AI Prompt Injection Deep Dive21:35 Retesting & Patch Verification23:25 How to Improve Patching26:02 Advice to Learn Cyber Security Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

December 4, 202524 min

Responsible Disclosure and Bug Bounty Programs: Webinar

Adam Logue, Independent Security Researcher and Synack Red Teamer, discusses his experiences with responsible disclosure and bug bounty programs, and provides a fascinating technical deep dive into a vulnerability he found in Microsoft 365 Copilot during a client-facing engagement.Timestamps:00:49 - Adam's background with responsible disclosure and bug bounty programs04:33 - Description of M365 vulnerability12:34 - Demo of the vulnerability17:53 - How to pentest AI20:45 - Getting started in pentesting23:07 - Benefits of hacking with Synack Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

September 16, 202532 min

Cynthia Kaiser is Building Partnerships to Stop Ransomware Threats

Blake and Cynthia take an in-depth look at the evolving ransomware threat landscape, the interplay between government and private sector in cybersecurity, and the challenges and opportunities presented by new technologies like AI.Timestamps: 00:19 - Halcyon’s Ransomware Research Center07:24 - Actors behind ransomware campaigns11:22 - Will AI help offense or defense? 17:29 - Known vulnerabilities21:10 - Where do you fall on ransomware payments?28:24 - How to stop bad actors30:44 - Guest fun fact Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.