mnemonic security podcast

"It's prime time for runtime!"
In this episode of the mnemonic security podcast, we're joined by Sergej Epp, Global CISO & Member of the Executive Team of Sysdig, to discuss threats at machine speed and runtime security.
Sergej explains how runtime security enables organisations to understand what is really happening inside containers and serverless workloads, and why, without it, they are effectively blind to critical activity within their cloud-native environments. He shares recent examples of supply chain incidents that highlight these risks, including the GitHub Actions compromise, NPM attacks, and the two waves of Shai-Hulud.
Robby and Sergej also discuss the most common ways that attackers get access to clusters and containers, and how organisations can stay ahead of attacks using real-time telemetry.
Send a text

"We are not really seeing as many attacks in the cloud where people hack in. It's more likely that they simply log in."
In this episode of the mnemonic security podcast, we're exploring Cloud Detection & Response (CDR) together with Brian Contos; returning guest, fellow podcast host, author, and serial security entrepreneur. In his conversation with Robby, he shares from his new role as Field CISO for the Cloud Detection & Response platform Mitiga.
They discuss the Salesforce supply chain attack and the challenges of protecting interconnected cloud ecosystems, the evolution of Cloud Detection & Response so far, and what we should expect in the near future.
Send a text

Pentesting anno 2026
Erica Burgess, an experienced penetration tester and security consultant, joins us for this episode of the mnemonic security podcast to deliver a state of the union on penetration testing in 2026. Drawing on her Black Hat Europe AI Security Summit keynote, “Never Break the Chain: Attack Chaining for 0-Days,” Erica breaks down how seemingly low-severity or “informational” findings can be chained together into full system compromises.  
 
Erica details her practical approach to using customized AI agents for subtasking, from validating dynamic scanner results to finding obscure commands that bypass blacklists. Tasks that once required three days of manual research can now be completed in minutes, dramatically increasing the volume and sophistication of findings during time-constrained engagements.
 
They also explore the broader implications of AI-assisted hacking: the risk of new blind spots when everyone leans on similar models, and the uncomfortable questions this raises about creativity, labor, and the future of junior talent in cybersecurity. Erica emphasizes the importance of maintaining human intuition and critical thinking, warning that over-reliance on AI can literally reduce brain activity, while acknowledging that pen testers who don't adapt to these tools risk being left behind.
Send a text

We’re kicking off the new year by taking a closer look at some of the threats that will shape 2026, and how they impact defenders.
In this episode of the mnemonic security podcast, Robby welcomes Candid Wüest, Principal Security Advocate at xorlab, drawing on more than 25 years of experience in the field. After seeing Candid's talk “The Rise of AI-Driven Malware: Threats, Myths, and Defenses” at BlackHat Europe, Robby invited him to share his research and perspectives on the current state of AI-driven malware.
They talk about the most common misunderstandings around AI-powered, AI-generated and AI-supported threats, as well as which types of LLM-related attacks Candid expects to make the news, and actually be effective, in 2026.

Candid also shares his thoughts on how defenders’ roles are evolving, where he has seen organisations successfully implement AI in defense, and why going back to basics still matters. They also explore some of the biggest topics from Black Hat Europe in December, including AI-enabled SOCs.

Send a text

What is the future of MDR?
In this episode of the mnemonic security podcast, Robby is joined by Migjen Hakaj from mnemonic's Innovation & Emerging Technologies Department and Amine Besson, Director at Behemoth Security.
They've joined forces by collecting their shared extensive experience with security monitoring, and published a popular three-part blog series on what Managed Detection and Response (MDR) really is on a deep level, where they examine the past, present, and future challenges within the field.
In their conversation they talk about the evolution of the SOC space, what main forms of security operations they are seeing today, and why they believe the SOC needs to change.
They also explain why it's hard to define what MDR really is today, the main value proposition of MDR providers, and what the next big differentiators for MDR providers will be. As well as in what ways they've seen that the industry has matured over the last few years, where the industry needs radical change, and where AI SOC has a place and where its main challenges lie.
Interested in more? Visit their blog series:
The Present and Future of Managed Detection and Response: https://detect.fyi/the-present-and-future-of-managed-detection-and-response-01a72088e6f6
The missing link in MDR. Spoiler, it starts with a Detection Engineering framework: https://detect.fyi/the-missing-link-in-mdr-spoiler-it-starts-with-a-detection-engineering-framework-5f836347c92f
Beyond Detections : Scaling Analysis & Response to keep MDR relevant: https://detect.fyi/beyond-detections-scaling-analysis-response-to-keep-mdr-relevant-592285d0fd25
Send a text