This is Cybersecurity's premier podcast. Running strong since 2011 Rafal Los, James Jardine, and Jim Tiller bring a no-nonsense, non-commercial approach to our profession. DtSR brings interviews and discussion with people you want to meet, and stories you have to hear. So whether you're just starting out, or are decades deep into your career, you'll always learn something on this show.
On Twitter/X: https://twitter.com/@DtSR_Podcast
On YouTube: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
On LinkedIn: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
© 2026 Down the Security Rabbithole Podcast (DtSR)
Apr 28, 2026Recent reviews on Apple Podcasts (5)
Real infosec knowledge
Raf does an excellent job of providing insight and advice around the difficult task of balancing security and business sensitivity. One of my favorites- highly recommend.
raxis ·
Entertaining, insightful and actionable! 👏👏👏
Whether you’re well established as someone who can translate creative energy into the impact you want to have on the data security world, or just getting started as a catalyst for change - this is a must-listen podcast for you! Rafal does an incredible job leading conversations that cover a huge breadth of topics related to the ins and outs of navigating an ever changing cyber security landscape - with leaders who’ve actually walked the path. Highly recommend listening and subscribing!
obacker19 ·
The Go-to sec podcast
DtSR is a go-to resource for the latest in the security world. Top-notch guests providing true insight into our industry. A wide variety of topic which cover trends, tools, trapdoors, and something else that starts with the letter ’t’. You’ll think of something. Jump down the hole and see the light!
futurethnkr ·
It’s all about that intro
This is by far my fav cyber podcast. Thank you James and Ralf.
Phantom Physics ·
Mostly marketing for vendors
In truth, I've only listened to 3 podcasts so maybe I just got unlucky. But they've all been vendor hype. The recent Episode 358 No more crappy jobs is an example. Leaving aside that the guest, Diedre's favorite word is "I", the show was 80% what her "platform" could do and how it's impossible to hire people without it. Essentially, this was a marketing show for whatever she's selling and how many buzzwords she can say. If you want more than this, try Darknet Diaries. No marketing or hype and well told cyber stories with good detail.
Samson38$ ·
Episodes (740)
DtSR Episode 703 - The Myth and Reality of Mythos
Apr 28, 202639m#703
TL;DR: Returning guest Gadi Evron joins the crew to talk about the latest bomb dropped by Anthropic - "Mythos". Allegedly, this model could bring about the vulnerability apocalypse, or something. Let's dive into it. YouT
DtSR Episode 702 - Trust Issues with Trusted Advisors
Apr 21, 202646m#702
TL;DR: Do you have a trusting relationship with your cyber VAR, reseller, or integrator? Most of us don't, and that's because the erosion of trust has been ongoing for the last decade. So when Josh Jones , Chris Roche ,
DtSR Episode 701 - Adrian Sanabria AI Cant Replace Jobs
Apr 14, 202635m#701
TL;DR: Starting off the 700 series is Adrian Sanabria , long-time analyst, and industry insider. Adrian's SubStack post ( https://substack.com/home/post/p-189699798 ) makes an interesting distinction between 'work' and '
DtSR Episode 700 - An Unreal Milestone
Apr 7, 202644m#700
TL;DR: THANK YOU. I can't believe I'm dropping episode 700. It's been a journey since September 2011 - so many amazing and unbelievable guests, conversations, and life lessons. So much incredible content that ages like f
DtSR Episode 699 - Marcus Hutchins Hot Takes and AI
Mar 31, 202622m#699
TL;DR: As I continue to post content recorded in Orlando at Zero Trust World 2026, I bring you a live recorded episode with Marcus Hutchins. It's an interesting discussion that is no doubt polarizing, but no less interes
DtSR Episode 698 - Leadership in a High Stakes CISO Role
Mar 24, 202645m#698
TL;DR: This week's guest is Alex Hutton - who has been leading security teams in high-stakes organizations for years and is bringing his experience to you. We discuss leadership, risk, and several leadership topics you'l
DtSR Episode 697 - The Precarious Evolution of the CISO Role
Mar 17, 202643m#697
TL;DR: On this episode of the pod, G. Mark Hardy joins Jim, James, and Rafal to talk about the precarious evolution of the role of the CISO. We even delve into the definition and purpose of risk , and find some there, th
DtSR Episode 696 - Zero Trust CyberSecurity Shenanigans
Mar 10, 202625m#696
TL;DR: This week's podcast is live 'ish from Zero Trust World 2026, put on by ThreatLocker . It's a lively conversation with their CPO Rob Allen who can't help himself but mess with my recording equipment. Shenanigans en
DtSR Episode 695 - Cyber Is Headed for a Market Meltdown
Mar 3, 202650m#695
TL;DR: Is cybersecurity headed for a market meltdown? Are we watching the bubble pop? Patrick Dennis joins Rafal to give some observations, analyze and provide guidance on what's happening, and what's to come. Buckle tha
DtSR Episode 694 - Seasonal Martyrdom and Cyber Burnout
Feb 24, 202645m#694
TL;DR: We've all experienced it - either you're the one, or you know someone, who works themselves to death. Whether it's "part of the job" or part of the job - it always leads to the same end. Rebekah Wilke and Ryan Hal
DtSR Episode 693 - The Most Important AI Conversation
Feb 17, 202659m#693
TL;DR: This is one of the most relevant AI conversations, in the moment. Gadi Evron joins me to talk about how AI is not just changing everything, but how it's actually going to impact what you're doing - from security t
DtSR Episode 692 - Ran Nahmias the Perpetual Entrepreneur
Feb 10, 202638m#692
TL;DR: What's it like to be an entrepreneur your entire career? Always trying something new, always doing something different? Ask Ran Nahmias , someone who's been around long enough to have done it all, and he's not don
DtSR Episode 691 - How to Make External Security Testing Useless
Feb 3, 202638m#691
TL;DR : Today, Julian Brownlow Davies rejoins the pod (Ep 688) to continue the conversation about 3rd party external security testing. It's strong opinions and tales of woe all around. Episode 688: https://dtsr.buzzsprou
DtSR Episode 690 - Defenders of the Internet Pipes
Jan 27, 202644m#690
TL;DR: This week's guest is Matt Carothers who works at a major Internet provider. We talk about defending, strategy, and some of the interesting topics that come with the job. If you have Internet at home, or at the off
DtSR Episode 689 - Off the Rails - Social Media is Evil
Jan 20, 202651m#689
TL;DR: Social media is corrupting our kids, radicalizing your neighbors, and being basically evil with no checks. This episode is an "off the rails" discussion on a not-so-clearly Cyber Security topic, with us diving dee
DtSR Episode 688 - Looking for Meaning in the Signal
Jan 13, 202643m#688
TL;DR: Grab your favorite note-taking thing, this week's pod features Julian Brownlow Davies of BugCrowd and it's chock full of things you'll want to look up. We tackle how red teaming and external 3rd party testing fits
DtSR Episode 687 - Dan Geers Wisdom from 2014
Jan 6, 20261h 2m#687
TL;DR: This week's episode is a special one. I (Rafal) revisit episode 100 with the one and only Dan Geer. Some shows are "in the moment", some are timeless. This show is timeless. Dan's wisdom and insights are as applic
DtSR Episode 686 - An Unexpected Windows XP Conversation
Dec 30, 202549m#686
TL;DR: On today's pod, Rob Allen of ThreatLocker makes his triumphant return to derail us straight into a conversation about legacy systems and why he's still supporting WindowsXP. Right, you read that right. A great con
DtSR Episode 685 - Weaponized AI is Real Now What Pt 1
Dec 23, 202537m#685
TL;DR: In part 1 of 2, Gadi Evron joins the show and chats with Jim and Rafal on the topic of the "AI Cataclysm". What does that even mean? Listen in - but it's part to do with how AI is changing the attacker model (leve
DtSR Episode 684 - AI Agents Gone Rogue
Dec 16, 202550m#684
TL;DR: This week's show features Aaron Costello, and is all about an analog from real-world attacks on humans, applied to AI "agents". I know what you're thinking - computers are supposed to be more difficult to trick, r
DtSR Episode 683 - Sometimes You Have to Step Away
Dec 9, 202537m#683
TL;DR: On this episode, it's just Jim and Rafal talking about how sometimes you just need to take a big step back from your day job and touch some grass. Our chosen profession is, demanding, to say the least. So let's ta
DtSR Episode 682 - A Third Opinion on Vulnerability Ranking
Dec 2, 202548m#682
TL;DR: This week's pod features a conversation with the Jay Jacobs , whom had previously been on the show talking about this very topic (vulnerability ranking/scoring) many, many years ago. If you missed Episode 297 chec
DtSR Episode 681 - AppSec Whack-a-Mole
Nov 25, 202549m#681
TL;DR: John Rafal & Jim as we welcome Dustin Lehr to talk about the state of AppSec and how we got here. We discuss vulnerabilities, accountability, culture, and a host of other things. It's a caffein-fueled episode, so
DtSR Episode 680 - Debating Patching and Vulnerability Scoring
Nov 18, 202555m#680
TL;DR: We heard RSnake's take on CVSS and CVEs and such, now let's hear Brian "Jericho" Martin's take. The gloves are off, and the opinions go native when we take this episode live. Brian doesn't pull any punches, and ap
DtSR Episode 679 - Wasting Time Patching
Nov 11, 202555m#679
TL;DR: Patching. Your least favorite thing. Well, it turns out that most of the work we have been doing in the last 20+ years has been for nothing. Robert "RSnake" Hansen's theory, backed by a lot of data, seems to point