The Cybersecurity Defenders Podcast

Joshua Neil, Co-Founder of Alpha Level, dives into a more sophisticated understanding of AI SOCs. Join the conversation about this industry change on Defender Fridays.
Dr. Joshua Neil, has been a pioneer in applying machine learning to cybersecurity since 2000, starting his journey at Los Alamos National Laboratory. There, he co-developed Pathscan, a network anomaly detection system capable of spotting attacks that slip past traditional defenses. In 2014, he and CEO Mike Pozmantier took that innovation to market by licensing Pathscan to Ernst & Young (EY), turning deep research into enterprise impact.
That experience exposed a hard truth: anomaly detection is powerful at catching unknown threats - but on its own, it creates too much noise. Josh went on to tackle the other half of the problem, alert overload, through leadership roles at Microsoft and Securonix, gaining firsthand insight into the real-world struggles of security teams.
In 2023, Josh and Mike launched Alpha Level to bring both worlds together: pairing the depth of anomaly detection with the precision of behavioral threat signals. The result? A platform that reduces false positives, adapts to your environment, and lets teams focus on real threats—before they become breaches. Learn more here: https://alphalevel.ai/
Learn more at reconinfosec.com
Register for Live Sessions
Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.
Register here: https://limacharlie.io/defender-fridays
Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!
Sponsored by LimaCharlie
This episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.
Why LimaCharlie?
Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.
Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.
Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.
Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.
Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.
Try the Agentic SecOps Workspace free: https://limacharlie.io
Learn more: https://docs.limacharlie.io/
Follow LimaCharlie
Sign up for free: https://limacharlie.io/
LinkedIn: / limacharlieio
X: https://x.com/limacharlieio
Community Discourse: https://community.limacharlie.com/
Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie

Michael Hamilton, Chief Technology Officer at PISCES International, joins us to discuss the benefits of providing real world experience to students while they protect existing public infrastructure. The resilient future of local government security rests in our ability to adapt to changing threats and adopt new technologies, including AI.
Learn more at https://pisces-intl.org/
30 years in Information Security as a practitioner, entrepreneur, consultant, and in executive management. Direct experience in retail, manufacturing, government, defense, academic, semiconductor, energy, law enforcement, transportation, publishing and financial sectors - from Fortune 1 to small nonprofits.
Formerly: Policy Advisor to Washington State, Chief Information Security Officer for the City of Seattle, and Managing Consultant for VeriSign Global Security Consulting. Former Vice-Chair of the DHS State, Local, Tribal and Territorial Government Coordinating Council.
Currently: Field CISO, Lumifi Cyber
Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.
This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
Iran’s Islamic Revolutionary Guard Core, or the IRGC, announced that it plans to begin attacks on more than a dozen American technology companies operating across the middle east, starting after 8pm Tiran time on April 1st.
A pro-Iranian hacking group, known as Hendala, has claimed responsibility for breaching a personal account belonging to FBI Director, Kash Patel.
A newly discovered malware-as-a-service platform called Venom Stealer is automating the creation and deployment of quick-fix social engineering attacks, significantly lowering the barrier for cyber criminals.
Toy and entertainment company, Hasbro, disclosed that it experienced a cyber attack that disrupted some of its internal operations, in a filing with the U.S. Securities and Exchange Commission.
Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.
This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
Since the onset of the conflict in the Gulf region, cybersecurity researchers have observed a noticeable rise in malicious cyber activity tied to geopolitical events.
Unit 42 researchers are warning about an increased risk of destructive cyberattacks tied to the conflict involving Iran.
The hacking group known as TeamPCP has expanded a large-scale supply chain campaign targeting widely used open source software ecosystems.
In September 2025, Anthropic disclosed an incident in which a state-sponsored threat actor used an AI coding agent to conduct an autonomous cyber espionage campaign targeting 30 organizations worldwide.
Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.
This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.

This week on Defender Friday we are joined by Andrew Cook, CTO of Recon InfoSec, to talk about what it means to build a strong security team and why hiring builders is always a good bet.
As the CTO of Recon InfoSec, a leading provider of managed security operations, Andrew oversees the technical vision, strategy, and execution of their services and solutions. He has more than a decade of experience in threat hunting, digital forensics, network defense, and capability development.
Andrew's mission is to provide customers with the expertise they need to confidently and effectively respond to incidents, protect their organizations, and enhance their resilience. He has a proven track record of delivering high-quality results, leading and mentoring teams, and collaborating with partners across the industry and the government. Andrew is also a former Air Force officer, with national-level contributions and a passion for technical leadership.
Learn more at reconinfosec.com
Register for Live Sessions
Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.
Register here: https://limacharlie.io/defender-fridays
Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes!
Sponsored by LimaCharlie
This episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.
Why LimaCharlie?
Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.
Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.
Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.
Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.
Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.
Try the Agentic SecOps Workspace free: https://limacharlie.io
Learn more: https://docs.limacharlie.io/
Follow LimaCharlie
Sign up for free: https://limacharlie.io/
LinkedIn: / limacharlieio
X: https://x.com/limacharlieio
Community Discourse: https://community.limacharlie.com/
Host: Maxime Lamothe-Brassard - CEO / Co-founder at LimaCharlie