Claim OwnershipThe Security Podcast of Silicon Valley
Subscribed: 12Played: 165
Subscribe
© Copyright 2025 All rights reserved.
Description
The Security Podcast of Silicon Valley invites founders, engineers, and security leaders to share how they tackle compliance, growth, and real-world security challenges—turning obstacles into strategic advantages. Brought to you by YSecurity.
91 Episodes
Reverse
Is your security team drowning in noise while your developers struggle to keep up? Neatsun Ziv, CEO of Ox Security, explains why traditional "Shift Left" strategies have failed and how applying business context can help your team focus on the vulnerabilities that actually matter. Listen to the full episode to learn how to turn security into a competitive advantage.
Neatsun: https://www.linkedin.com/in/neatsun-ziv-ab7394/
Ox Security: http://www.ox.security/
Jon: https://www.linkedin.com/in/jon-mclachlan
Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: https://www.ysecurity.io
Most security decisions fail when the people doing the work don’t have the information they need. Garrett Smith, Founder and CEO of Reveal Technology and a Marine Corps Reserve Lieutenant Colonel, explains how bottom-up product design changes defense outcomes—and what business leaders can learn about building technology people actually adopt. Listen to learn how compliance, procurement, and mission pressure shape what ships and what stalls.
Garrett: https://www.linkedin.com/in/wgarrettsmith/
Reveal Technology: https://www.revealtech.ai
Jon: https://www.linkedin.com/in/jon-mclachlan
Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: https://www.ysecurity.io
AI agents can delete your production database and tell you everything is fine. Graham Neray, Co-Founder and CEO of Oso, breaks down why AI agents introduce a new level of risk for growing SaaS companies. If you’re adding AI to your product, moving upmarket, or selling into regulated industries, your authorization model is no longer a backend detail—it’s a growth dependency. Listen in to learn how automating least privilege protects your product, your customers, and your revenue.
Graham: https://www.linkedin.com/in/grahamneray/
Oso: http://www.osohq.com
Jon: https://www.linkedin.com/in/jon-mclachlan
Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: https://www.ysecurity.io
The perimeter will fail. What matters is whether your business turns one incident into a disaster. Andrew Rubin, Founder and CEO of Illumio, explains how breach containment reduces blast radius, why category timing is “luck,” and what leaders must do as AI speeds up attackers and defenders. Listen for a founder-level playbook on building security that scales with growth.
Andrew: https://www.linkedin.com/in/andrewsrubin
Illumio: https://www.illumio.com
Jon: https://www.linkedin.com/in/jon-mclachlan
Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: https://www.ysecurity.io
AI won’t save your startup. Unless it can ship changes safely. Venkat Thiruvengadam breaks down why the real value isn’t the model, it’s the orchestration: guardrails, permissions, context, and human-in-the-loop workflows that let agents do more than “read-only.” Tune in for a practical conversation on scaling DevOps, security, and compliance without slowing the business.
Venkat: www.linkedin.com/in/venkat-thiruvengadam
DuploCloud: www.duplocloud.com
Jon: www.linkedin.com/in/jon-mclachlan
Sasha: www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: www.ysecurity.io
Trevor Hilligoss, Head of Security Research at SpyCloud and former FBI agent, joins the show to discuss why humans remain the biggest security risk facing organizations today. From reused credentials to commoditized cybercrime tools, Trevor breaks down how attackers actually gain access — and why focusing on real-world human behavior is more effective than worrying about sophisticated nation-state threats.
Trevor: www.linkedin.com/in/thilligoss/
SpyCloud: spycloud.com
Jon: www.linkedin.com/in/jon-mclachlan
Sasha: www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: www.ysecurity.io
What if 90% of “secured” smart contracts were still exploitable? That’s the reality Olympix founder and CEO Channi Greenwall is seeing on-chain today. She breaks down why traditional audits are failing Web3 teams, why the attack surface is bigger than most founders realize, and how automated security is starting to close the gap.
You’ll learn:
Why Web3 security is closer to medical devices and aviation than typical SaaS risk
How one exploit can wipe out years of startup effort in seconds
The hidden overlap between Web2 and Web3 attack surfaces that founders underestimate
What it actually looks like to automate 60–80% of what human auditors do today
Listen to the full episode on your favorite platform.
Channi: www.linkedin.com/in/channi-greenwall
Olympix: www.olympix.security/
Jon: www.linkedin.com/in/jon-mclachlan
Sasha: www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: www.ysecurity.io
Code ships faster than anyone can review it. Jack Cable, CEO and Co-Founder of Corridor, explains what actually gets missed when teams stop reviewing every pull request, why most security tools surface noise instead of risk, and how Corridor approaches secure-by-design when speed is non-negotiable.
Jack: https://www.linkedin.com/in/jackcable
Corridor: https://www.corridor.dev
Jon: https://www.linkedin.com/in/jon-mclachlan
Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: https://www.ysecurity.io
What if your first security hire wasn’t a person, but a simple, guided program that made sense to everyone in your company? In this conversation, Sidekick founder and CEO Phil Howie breaks down how SMBs can build a security and privacy practice from the ground up—long before they can afford a full internal team. We cover the reality of compliance vs real security, working with MSPs, the role of design in security tools, and how founders should think about AI, governance, and future regulation. If you’re a founder trying to grow in regulated markets, this one’s for you.
Phil: https://www.linkedin.com/in/philhowie
Sidekick: https://www.sidekick.co
Jon: https://www.linkedin.com/in/jon-mclachlan/
Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich/
YSecurity: https://www.ysecurity.io/
Most companies still test security long after code is shipped. That delay creates blind spots.
In this episode, Rejah Rehim, Co-Founder & CEO of Beagle Security, explains how automated penetration testing gives teams a clearer picture of their real exposure—while keeping the process simple enough for developers to run themselves.
Rejah: https://www.linkedin.com/in/rejah/
Beagle Security: https://beaglesecurity.com/
Jon: https://www.linkedin.com/in/jon-mclachlan/
Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich/
YSecurity: https://www.ysecurity.io/
AI agents can burn through budgets and trust in minutes. Eric Olden, Co-Founder and CEO of Strata Identity, breaks down the control plane founders need: policy-driven guardrails, intent/context/outcome audit, and lifecycle governance—so you can move from sandbox to production with confidence.
Eric: https://www.linkedin.com/in/boughtnotsold
Strata Identity: https://www.strata.io
Jon: https://www.linkedin.com/in/jon-mclachlan
Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: https://www.ysecurity.io
Most people think hackers exploit systems. The best hackers improve them. In this episode, Ted Harrington explains how to unlock your “inner hacker”—the mindset that turns obstacles into innovation. From breaking outdated rules to building smarter, safer companies, this conversation reframes what it means to lead with curiosity.
Ted: https://www.linkedin.com/in/securityted/
Ted’s website: https://www.tedharrington.com/
Jon: https://www.linkedin.com/in/jon-mclachlan
Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: https://www.ysecurity.io
Cutting support costs usually tanks experience—unless you redesign the system. Veronica Moturi shares how Brinks built an AI “first line,” kept humans for nuance, and improved accuracy by unifying data, verification, and troubleshooting. If you’re scaling support, this is your roadmap to trust, speed, and measurable unit economics.
Veronica: www.linkedin.com/in/veronica-moturi
Brinks Home: brinkshome.com
Jon: www.linkedin.com/in/jon-mclachlan
Sasha: www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: www.ysecurity.io
Deepak Dutt, founder of Zighra, reveals how continuous behavioral authentication is changing the game—from stopping $200M fraud schemes to securing military operations.
Deepak: https://www.linkedin.com/in/deepakdutt/
Zighra: https://zighra.com/
Jon: https://www.linkedin.com/in/jon-mclachlan
Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: https://www.ysecurity.io
What if your first lines of code determined your startup’s ability to scale? Dirk Meister, founding engineer at Augment Code, walks us through the intentional security architecture decisions they made on day one—and why trust isn't something you can bolt on later.
Dirk Meister: https://www.linkedin.com/in/meisterdirk/
Augment Code: https://www.augmentcode.com/
Jon McLachlan: https://www.linkedin.com/in/jon-mclachlan/
Sasha Sinkevich: https://www.linkedin.com/in/aliaksandr-sinkevich/
YSecurity: https://www.ysecurity.io/
Michael Nov, Co-Founder and CEO of Prime Security, reveals how ignoring the design stage creates costly security gaps later. He shares hard-won lessons from building at OwnBackup and launching a startup during crisis.
Michael: https://www.linkedin.com/in/michael-nov
Prime Security: https://www.primesec.ai
Jon: https://www.linkedin.com/in/jon-mclachlan
Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: https://www.ysecurity.io
Contracts aren’t controls. Jonathan Mortensen, CEO of Confident Security, lays out a practical path to provably private AI—confidential compute, attestation, and encrypted weights—so you can swap your OpenAI-compatible endpoint, keep crown-jewel data out of vendor training, and still close enterprise deals. Listen to learn how founders can pass security reviews, avoid GPU sprawl, and turn privacy into a sales advantage.
Jonathan: https://www.linkedin.com/in/jonathanmortensen
Confident Security: https://www.confident.security
Jon: https://www.linkedin.com/in/jon-mclachlan
Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: https://www.ysecurity.io
AI isn’t just writing code—it’s joining the team. Scott Dietzen, Board Member at Augment Code, explains how Augment’s AI agents are changing the way enterprise software is built, secured, and scaled. These aren’t copilots for toy projects—they’re context-aware agents designed for real-world codebases and real production work.
Scott: https://www.linkedin.com/in/scottdietzen
Augment Code: https://www.augmentcode.com
Jon: https://www.linkedin.com/in/jon-mclachlan
Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: https://www.ysecurity.io
Free AI tools promise speed—but they can quietly kill enterprise deals. In this episode, Michael Moore, VP and Head of Legal at Glean, unpacks the legal, privacy, and trust pitfalls that most AI startups overlook. He explains how to design AI products that survive legal scrutiny, earn buyer trust, and actually close.
Michael: www.linkedin.com/in/michaeltimmoore
Glean: www.glean.com
Jon: www.linkedin.com/in/jon-mclachlan
Sasha: www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: www.ysecurity.io
AI agents can do more than access your data—they can act. TraceForce.ai founders Xia Hua and Glenn Mulvaney reveal the next big security risk: autonomous agents that operate beyond permission boundaries. From startup execution to securing the agent economy, this special episode covers it all.
Xia: www.linkedin.com/in/xia-hua-ph-d
Glenn: www.linkedin.com/in/glennanthonymulvaney
TraceForce: www.traceforce.ai
Jon: www.linkedin.com/in/jon-mclachlan
Sasha: www.linkedin.com/in/aliaksandr-sinkevich
YSecurity: www.ysecurity.io
Comments
Download from Google Play
Download from App Store
United States