Shared Secrets
29 episodes - English - Latest episode: about 1 year ago - ★★★★★ - 26 ratingsShared Secrets (w/Den and Kev) is a fun take on computer security topics that aren't in the spotlight. Each episode security grey-beard Kev (Kevin Nassery) tries to convince fellow infosec veteran Den (Denis Sheridan) about some counter-intuitive theory he has developed over 25+ years of building, breaking, and defending computer systems.
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Season 3 EP6: Factors of a successful bug bounty program.
April 15, 2023 21:24 - 46 minutes - 42.6 MBKev and Denis dig deep into critical factors of successful software bug bounty program.
Season 3 EP5: Application security champions with Sandesh Anand of Boring AppSec
March 31, 2023 18:38 - 35 minutes - 32.6 MBKev talks to Sandesh all things Security Champions. They sink they're teeth into the driving factors for a champions initative and offer their perspectives on success factors, potential pitfalls and associate impacts.
Season 3 EP4: Building cybersec communities for 30 years with Brian Harden (noid).
March 21, 2023 02:27 - 56 minutes - 51.6 MBKev talks to OG Hacker Noid about the history of Defcon, the importance of inclusion and openness in the security world, and a lot about vintage computers.
Season 3 EP3: The Pros and Cons of DevSecOps
March 10, 2023 19:22 - 29 minutes - 27.3 MBDen & Kev debate the state of security in DevOps and rationalize some strengths and weaknesses of DevOps transformation.
Season 3 EP2: Penetration tests are broken.
March 03, 2023 17:00 - 34 minutes - 32 MBDen & Kev share insights into the problems with penetration testing from their combined decades of being providers, consumers, and consulting leaders delivering penetration tests.
Season 3 EP1: Running the Experiment
February 25, 2023 05:17 - 51 minutes - 47.2 MBDen & Kev cover RTXSecurity.com and try and bring more scientific rigor to Cybersecurity.
Season 2 episode7: Owasp Top 10 (2021)
March 20, 2022 05:56 - 37 minutes - 17.1 MBDen & Kev break down the OWASP Top 10 from 2021 while it's hot off the press, then fail to release it for 6 months!
Season 2 episode6: Diehard (1988).
December 23, 2021 05:53 - 2 hours - 122 MBDiehard isn't an action movie, or a Christmas movie. It's a hacker movie. Den and Kev are joined by martial artist, mechanical engineer, welding guru, power-tool expert, and safe-cracking enthusiast Mike Dop Dopheide to tackle this holiday thrill ride.
Season 2 episode5: Burnout isn't about working too much, it's about doing the wrong work.
November 30, 2021 00:13 - 36 minutes - 33 MBDen flips the table on Kev with a secret of his own on this special episode of Shared Secrets. We dive into cyber security industry burnout and quality vs. quantity.
Season 2 episode4: Hacking friends, cars, and security programs with Jacob Wilson.
November 10, 2021 02:12 - 41 minutes - 37.7 MBThis week Kev does a throwback episode to the early 2000s with his friend and former collegue Jacob Wilson.
Season 2 Episode3: The key to effective threat modeling is good knowledge management.
October 26, 2021 01:14 - 39 minutes - 36.3 MBDen and Kev crack open threat modeling and explain why it doesn't matter how smart people are if they aren't writing things down.
Season 2 Episode 2: Secrets from a lawyer (with Nick Merker).
October 11, 2021 02:19 - 38 minutes - 35.6 MBData security and privacy attorney Nick Merker chats with Kev about his recent BlackHat talk on the common legal pitfalls of incident response for us on a very special episode of Shared Secrets.
Season2 Episode 1 (ep17): People don't care how good their security tools are.
September 21, 2021 06:00 - 46 minutes - 42.6 MBDen and Kev are back with the season two premier! They dive in right away with the thrill ride that is A/B testing, false positives, false negatives, and the suspiciously rare usage of coverage analysis to improve the efficacy of dynamic tools.
Episode16: The Net (1995).
August 09, 2021 01:00 - 2 hours - 148 MBAt long last, Shared Secrets tack the 1995 hit technothriller ‘The Net’ staring Sandra Bullock and a half dozen memorex high density floppy disks. Tune in as denS claims that the best thing about the movie is how easy it is to follow, and then turns out to have mostly not understood anything that was going on. Meanwhile kevN gets starts about a half dozen spin-off podcasts instead of talking about the movie which contains about the same amount of hacking than your average Sandra Bullock roman...
Episode15: Sneakers (1992).
July 22, 2021 00:03 - 2 hours - 148 MBIn our penultimate summer blockbuster kevN and denS tackle Sneakers with at least as much success as Ben Kingsley tackles his accent in the film. Join us in what essentially ends up being Kev performing Sneakers as a 3hr one man show and Denis identifies at least a dozen flaws in an otherwise perfect film.
Episode14: Hackers (1995).
July 05, 2021 19:20 - 2 hours - 127 MBSummer blockbuster season continues with the cult classic Hackers starring Jonny Lee Miller and Angelina Jolie. On this special episode, denS fervently abandon’s his claim that Hackers is a good movie on minute one; then kevN makes a surprising amount of sense out of the techno babble and incomprehensible plot of the film.
Episode13: The best hacker movie is Wargames(1983).
June 09, 2021 06:40 - 1 hour - 109 MBTwo 39-year-old hackers kickoff summer blockbuster season by breaking down the 38 year old hacker movie: Wargames; kevN goes deep on retro hacks and denS provides a keen eye on the AI while both scrutinize the workplace dynamics between McKitrick and his subordinates. Tune in to this special season-1.5 teaser that is only slightly longer than the original film!
Episode12: The most important part of a security program is escape analysis. (Throwback with Bill Nash).
April 11, 2021 22:01 - 1 hour - 72.9 MBDen and Kev discuss why the most important aspect of any security program is escape analysis to evolve security and engineering processes. Then Bill Nash joins in the throwback to share how he ended up at Defcon 4, 5, and 6 how he caught the security bug as a network engineer and why he took the time to talk UNIX and Network security with a 16-year-old Kevin at Defcon6.
Episode11: Except vs. Accept. (Throwback with Josh Berry)
April 04, 2021 22:01 - 1 hour - 60.2 MBKevin tries to squeeze in a quick shared secret regarding the tricky use of the words: except and accept in risk management, but Denis takes acception to it. Then we dive into a great throwback with embedded security expert Josh Berry on how he got into computers, security, and hardware as a kid.
Episode10: The security industry is terrible at measuring success. (Throwback with Trent Johnson)
March 29, 2021 04:00 - 1 hour - 79.4 MBDen and Kev tackle measurement, metrics, and how sometimes screwing up how we measure things can lead to catastrophic risks. Then on a very special throwback episode with Trent Johnson, Trent recalls his youthful hacking exploits including an incident in college where he misappropriated a computer lab to mine his hometown ISP passwords.
Episode9: Mainframes aren’t as secure as you may think. (Throwback with Rob Bridal.)
March 21, 2021 21:00 - 1 hour - 73.5 MBDen and Kev tackle the common perception that mainframes are inherently secure, and why Kevin doesn’t believe it. Then on the throwback Rob Bridal talks about using coding as a creative expression, and gets into his high school years where he went invented his own personal bug bounty program that targeted a banner advertising firm in the late 90’s.
Episode8: Guest Caroline Wong shares a secret:There is no shortage of security talent! (Throwback with Ben Jacobs.)
March 15, 2021 11:00 - 1 hour - 70.7 MBInfosec Rockstar Caroline Wong (Humans of Infosec Podcast) joins us this week to drop a bomb on this week’s episode that there is no shortage of cybersecurity talent. Tune in to hear Caroline propose how talent distribution is the key issue, and how the lack of industry wide accreditation process also contribute to a misperception that we don’t have enough good security folks. Then on a very special throwback with Ben Jacobs, we get back mid90’s Quincy IL ISP scene and cover the exact moment ...
Episode7: From skateboard drop-ins to BGP dropped routes with Nick Buraglio.
March 08, 2021 11:00 - 1 hour - 70.2 MBThis week’s episode we have a very special throwback from super-network architect Nick Buraglio who shares one heck of an origin story! We cover imposter syndrome, co-worker dynamics, a lot of retro networking, and top it off with a healthy dose of central Illinois Geography. This one is a must-listen to those who are trying to break into technical fields as their first, or maybe 5th career! Check out’s Nick’s podcast: https://www.modem.show/
Episode6: Don't shift left! (Throwback with Mark Stanislav).
February 28, 2021 21:00 - 1 hour - 72.9 MBDen and Kev can’t resist arguing over whether or not there is any computer security lessons to be learned from chess. Then Kev drops this week’s secret, “Don’t shift left!” in your secure software development life cycles. Then on a very special Throwback episode MFA/IoT/Product Security Rockstar Mark Stanislav gives us a first-hand peak into the seedy 90’s world of IRC software piracy.(Intro and Outro theme "Sun Rice" by Adubter, CCL: http\s://creativecommons.org/licenses/by-nc-sa/3.0/(Intro ...
Episode5: Denis goes to high school with a 28-year-old imposter.
February 21, 2021 21:00 - 1 hour - 65.8 MBKevin does a speed-round security secret to stay on theme (Computer security was pretty much figured out in 1975). Then we get into an extended throwback with SS Cohost Denis himself, where he gives us a firsthand account of the true story of a 28 year old Iranian “Jonathan Taylor Spielberg” who pretended to be 15 in order to enroll at Denis’s high-school in 1998. (Intro and Outro theme "Sun Rice" by Adubter, CCL: https://creativecommons.org/licenses/by-nc-sa/3.0/)
Episode4: Platform diversity is making security exponentially more difficult. (Throwback2 with "Dop").
February 14, 2021 21:00 - 1 hour - 71.5 MBKev admits to Den that he went way too far last episode regarding Threat Hunting, then proceeds to go far too long on trying to convince Denis that “tech stack proliferation” is hurting our security posture. Then, we have back Mike “Dop” Dopheide on the throwback to talk about some fun computer stories from college.
Episode3: Threat intelligence is a complete waste. (Throwback with Joel Scambray).
February 07, 2021 21:00 - 1 hour - 69.3 MBKev and Den debate the actionability, value, and opportunity cost of threat intelligence in the modern enterprise. On the throwback Hacking Exposed author and security industry stalwart Joel Scambray shares how he leveraged his passion for writing and the computer skills he developed in the biology lab into a storied career in computer security.(Intro and Outro theme "Sun Rice" by Adubter, CCL: https://creativecommons.org/licenses/by-nc-sa/3.0/).
Episode2: Hacker Culture has nothing to do with computer security. (Throwback with Nick Merker).
January 31, 2021 21:00 - 57 minutes - 52.2 MBWe play a quick round of get-to-know-your-hosts, then Kev tries to convince Den that Hacker Culture has nothing to do with computer security. After that we take a wild ride down memory lane with Privacy and Security law expert Nick Merker about how he invaded the privacy and security of his UO competition when he was in high school. (Intro and Outro theme "Sun Rice" by Adubter, CCL: https://creativecommons.org/licenses/by-nc-sa/3.0/)
Episode1: CS is the worst college major for Infosec. (Throwback with Mike Dopheide).
January 24, 2021 17:00 - 1 hour - 65.2 MBIt’s here! The first episode of the Shared Secrets (with Den and Kev) podcast . On this episode we explain the podcast; tackle why Kev thinks CS is the worst college major for infosec; and throw back with Mike “Dop” Dopheide about hacking ISP’s in the mid 90’s. (Intro and Outro theme "Sun Rice" by Adubter, CCL: https://creativecommons.org/licenses/by-nc-sa/3.0/)