Home Podcasts The Security Table
The Security Table

The Security Table

Izar Tarandach, Matt Coles, and Chris Romeo 106 Episodes Jul 1, 2026

The Security Table brings together four cybersecurity industry veterans from diverse backgrounds to discuss building secure software and the challenges that arise. The podcast covers a range of topics related to software security, drawing on the hosts' extensive experience.

Episodes

Don't Bury the Model T: Why STRIDE Still Drives in an AI World Jul 1, 2026 3543 In this episode, we dig into two things the security community loves to argue about: npm finally doing the right thing and whether STRIDE has any business being called dead. The npm v12 changes gate dangerous install script behavior by default, which is a good step forward and also about a decade overdue. Then we wade into a hot take claiming that STRIDE was built for a world that no longer exists
Mostly Dead or Mostly Back: The Zombie Resurrection of DAST in an AI World Jun 24, 2026 2537 In this episode, we dig into whether DAST is dead, mostly dead, or quietly making a comeback dressed in an AI trench coat. The conversation traces the origins of dynamic application security testing from nmap scans and open source hacker tools to a market now valued at nearly four billion dollars and growing. We debate where DAST ends, and AI pen testing begins, whether AI can find a vulnerability
Realists At The Table: How To See Through The Hype Jun 17, 2026 2252 In this episode, we dig into how the cybersecurity personality has shifted from the ego-driven, hoodie-up archetype to the paycheck-chasing newcomer. The conversation covers hype cycles from mainframes to AI to quantum, whether passion or profit is driving the next generation into the field, and why we think the threat modeling problem is already solved. At the same time, everyone else keeps getti
The Agentic Access Problem: When AI Becomes Its Own Administrator Jun 3, 2026 2407 In this episode, we explore what happens when AI agents meet the security principle of least privilege. As agents gain the ability to request permissions, make decisions, and interact with systems on our behalf, the line between human and machine responsibility starts to blur. The discussion covers prompt fatigue, over-permissioned agents, and why "because the agent told me to" may becom
The Tool Creep Problem: When More Security Means Less Security May 8, 2026 2531 In this episode, we break down why security budgets keep growing while organizations keep falling further behind. We explore how tool creep has quietly shifted from a nuisance into an active attack surface, and why agentic AI is becoming the insider threat no one planned for. Izar shares a firsthand account of watching an AI agent attempt increasingly creative workarounds to escape a sandbox, reve
The Human In The Loop Illusion: Why AI Approvals Are Failing Security Apr 30, 2026 2866 In this episode, a debate about hacker movies turns into a deeper conversation about AI, security, and the human-in-the-loop illusion. We explore how approval fatigue and AI-generated code can create a false sense of security and why fundamentals still matter.🚀 Join the Conversation Are we improving security, or just automating bad decisions faster?FOLLOW OUR SOCIAL MEDIA:➜Twitter: @SecTablePodcas
The Mythos Problem: When AI Finds Every Vulnerability Apr 15, 2026 2838 In this episode, we break down the “AI Vulnerability Storm” and what happens when AI can find—and exploit—vulnerabilities faster than humans can fix them.We explore how compressed OODA loops are shifting the balance toward attackers, why traditional scoring like CVSS may start to break down, and whether “just patch faster” is even realistic anymore. The team also questions the push toward AI agent
What If AI Never Happened? The AppSec Reality Check Apr 8, 2026 2828 In this episode, we explore a simple but surprisingly deep question: what would application security look like if generative AI never existed? We break down how AppSec might still rely on deterministic, rule-based approaches, what we might gain in structure and rigor, and what we’d lose in speed, scale, and accessibility. Along the way, we debate whether AI is truly improving security or just acce
The Evolution Problem: After 100 Episodes, What’s Changed… and What Hasn’t? Apr 1, 2026 2980 We made it to 100 episodes, so naturally, we decided to look back and see how wrong we’ve been. In this episode, we revisit some of our past topics, predictions, and hot takes to figure out what still holds up and what didn’t quite land. From “we don’t know what we don’t know” to the evolution of security tools, we reflect on what’s changed, what hasn’t, and why some problems never seem to go away
The Agent Access Problem: When AI Has the Keys, Who’s Really in Control? Mar 25, 2026 2902 In this episode, we dive into the messy reality of AI agents acting inside your systems and what that means for modern security. We explore the idea of agents as actors with real access—credentials, APIs, and permissions—and why this isn’t as new as it sounds (hint: it’s just applications all over again). We unpack where things actually get risky, from over-permissioned agents to unpredictable beh
The Invisible Code Problem: When You Can’t See the Attack, Can You Stop It? Mar 20, 2026 2194 In this episode, we dive into the strange world of invisible Unicode attacks and what they could mean for modern software security. We explore how hidden characters can be used to conceal malicious code within packages, why this isn’t entirely a new problem, and whether current tools, such as linters and SAST, are equipped to detect it. We also question the role of LLMs in both enabling and detect
The Moltbook Dilemma: What Happens When AI Agents Start Networking Feb 6, 2026 2465 In this episode, we discuss the implications of AI technologies like OpenClaw and Moltbot, exploring the potential threats and societal changes that may arise from their integration into daily life. We talk about the nature of AI communication, the concept of agentic AI, and the philosophical questions surrounding the future of human and machine interaction. Per usual our conversation is laced wit

Recommended