Secure AF - A Cybersecurity Podcast
Think like a hacker. Defend like a pro.
Welcome to the Secure AF Cybersecurity Podcast — your tactical edge in the ever-evolving cyber battlefield. Hosted by industry veterans including Donovan Farrow and Jonathan Kimmitt, this podcast dives deep into real-world infosec challenges, red team tactics, blue team strategies, and the latest tools shaping the cybersecurity landscape.
Whether you're a seasoned pentester, a SOC analyst, or just breaking into the field, you'll find actionable insights, expert interviews, and unfiltered discussions with Alias team members and top-tier guests from across the cybersecurity spectrum.
Stay sharp. Stay informed. Stay Secure AF.
Episodes
111 episodes
Obscura Ransomware: Unmasking a Stealthy New Threat ⚠️
In this week’s #SOCBrief, Hickman and Peters break down Obscura ... a new ransomware variant making waves with aggressive evasion tactics, process terminations, and domain controller targeting. We cover what’s known so far, the ri...
•
12:25
🛡️ Pen Test Potential: How Organizations Are Missing Out on Fortifying the SOC 🛡️
What’s the real difference between a penetration test and a red team engagement, and how can each benefit your SOC? In this episode, Andrew is joined by Tanner, to unpack how pentests uncover vulnerabilities, how red teams stress-...
•
20:08
2025 SECCON Debrief
This week on #SecureAFPodcast, we’re recapping #SECCON 2025. From the keynote to the villages and everything in between, join us for a look back at the highlights, takeaways, and community moments that made this year’s conference our bes...
•
25:33
🚨 Ransomware Rising: Variants, Tactics, and Defenses in 2025 🚨
Ransomware is evolving faster than ever, from double extortion tactics to lightning-fast attack chains. In this episode, we break down how these threats work, why every organization is a target, and the layered defenses SOCs can use to detect a...
•
7:29
💢 FileFix Fiasco 💢 Steganography's Stealthy StealC Drop
In this episode of The #SOCBrief, we break down the rising FileFix attack, a new social engineering technique using steganography to deliver info-stealing malware. Learn how attackers disguise malicious PowerShell commands, the ...
•
5:53
Monitoring the Dark Web for Leaked Data in DFIR
🔎 This episode of The #SOCBrief dives into the world of dark web monitoring in digital forensics and incident response. Learn why leaked credentials are a top threat, how to safely detect exposures, and what steps SOC teams can take to s...
•
6:28
Mastering Incident Response: Essential for SOC Success
💡 This week on The SOC Brief, we’re breaking down incident response (IR) ... why it’s essential, how to build a strong plan, and what SOC teams can do to turn chaos into control. From preparation and containment to recovery and le...
•
8:41
DEF CON 33 Debrief
Fresh off the chaos of DEF CON 33, Tanner, Hickman, and Will break down the four-day hacker conference, from the eye-opening hacker villages and mind-bending talks to Hickman’s clutch CTF victory and Will’s bold dive into the Social Engi...
•
48:45
⚠️ Crypto24 ⚠️ Ransomware: Bypassing EDR and Bolstering Defenses
In this episode, we break down the emerging Crypto24 ransomware attacks that use living-off-the-land techniques to bypass EDR. We’ll explore how these attacks unfold and the defensive strategies SOCs and organizations can use, like layer...
•
8:22
🚨 Gone Vishing: The Recent Surge of Vishing Attacks
This week, we’re unpacking the phishing wave hitting SaaS platforms ... from social engineering to OAuth abuse and AI voice spoofing. Learn why people remain the #1 attack vector and how to stay one step ahead.
•
10:50
🚨 SonicWall Firewall Ransomware Breakdown
On this episode of the #SOCBrief, we break down attacks on SonicWall firewalls. A wave of ransomware, possibly exploiting zero-day vulnerabilities, is compromising even fully patched systems. Learn how SOCs can respond fast and stay ahead.
•
9:19
Spilling the Tea: What Happens When Apps Launch Without Locking Down Security ☕
This week’s SOC Brief unpacks how a misconfigured cloud bucket exposed 72,000+ user images from the Tea app, complete with geolocation metadata and real IDs. From national security risks to doxxing fallout, we break down what went wrong and wha...
•
13:23
🚨⚠️ A Critical ZERO-DAY (CVE-2025-53770)
A critical zero-day (CVE-2025-53770) is actively targeting on-premises SharePoint servers AND it’s already been used to compromise over 100 organizations. In this #SOCBrief, Andrew and Tanner break down how the exploit works and what steps your...
•
17:54
🚪 Offboarding isn't just HR's job …
In this week’s #SOCBrief, we break down why offboarding policies are ABSOLUTELY critical for security teams. Overlooked items from abandoned accounts to old VPN access can leave backdoors wide open. Learn how SOCs monitor, contain, and shut dow...
•
15:47
Aligned by Design: CISO x Legal in Practice - Episode 92
🎙️ NEW! Aligned by Design: CISO x LegalIntroducing! A fresh new series that explores the intersection of cybersecurity and legal strategy. Join Alias CISO Jonathan Kimmitt and privacy attorney Tom Vincent as they unpack wha...
•
54:40
🚨 Record-Shattering DDoS Attack Alert 🚨
Hackers just unleashed the largest DDoS attack in history, peaking at 7.3 Tbps and 4.8 billion packets per second. In just 45 seconds, it pummeled its target with the data equivalent of over 9,000 HD movies, a...
•
11:41
Secure AF SOC Brief #5 - Chrome CVE-2025-6554
In this episode of The SOC Brief, the team unpacks a critical zero-day vulnerability in Google Chrome (CVE-2025-6554) that’s being actively exploited. Learn how attackers use type confusion bugs to hijack browser memory, what makes thi...
•
9:04
Ep 91: The Engineers React to Breach News
In this episode, our security engineers break down the latest cybersecurity headlines, from the real scoop behind the “16 billion password” leak to the rise of hacker groups like Scattered Spider. 🕷️We discuss how attackers bypass MFA, ...
•
45:27
Secure AF SOC Brief #4 - False Positives
In this episode of The SOC Brief, Andrew and Dax dive into the world of false positives – those misleading alerts that flood security teams with noise. They discuss how misconfigurations, lack of context, and overly sensiti...
•
12:25
Secure AF SOC Brief #3 - IOCs
🔐 New SOC Brief Episode: Tracing the BreadcrumbsCybercriminals always leave a trail, if you know where to look. In this episode, we break down Indicators of Compromise (IOCs) and how they help security teams detect and resp...
•
14:46
Episode 90: Global Wars - Cyber Strikes Back
🎙️ New Secure AF Episode: Global Wars: Cyber Strikes Back 🌐⚔️How does global news shape cybersecurity operations? In this episode, we dig into how real-world events influence the threats we track, the way we respond, and ...
•
50:11
Secure AF SOC Brief #2 - SafePay
🎙️ This Week on the SOC Brief:Join Andrew and Dax as they dive into the emergence of a new threat actor known as SafePay 🕵️♂️💻. They break down the latest tactics, techniques, and procedures observed from this group, offer...
•
10:57
Episode 89: Meet the Alias SOC - on the Battlefront of Cybersecurity
🔐 Inside the SOC 🔐Go behind the scenes with the Alias Security Operations Center (SOC) team to learn how they operate, collaborate, and tackle today’s top cyber threats ⚔️.Find out why a SOC matters, and how organizations c...
•
29:57
Secure AF SOC Brief #1 - SOC Life
Welcome to 🎙️The SOC Brief 🎙️our byte-sized mini series bringing you weekly updates straight from the Security Operations Center.In this episode, Andrew, Dax, and Dylan break down what life in the SOC...
•
11:25
Episode 88: Two-Time CISO Showdown Champion (and Chad)
Alias Cybersecurity Jonathan Kimmitt is joined by Chad Kliewer to discuss the exciting CISO Showdown competition between Chief Information Security Officers (CISOs) at BSidesOK. They delve into the history of the showdown, how it works, and hig...
•
Episode 88
•
46:05
