The Cybersecurity Defenders Podcast

LimaCharlie

331 episodes

  • The Cybersecurity Defenders Podcast

    AI-assisted SOC training with Carlo Anez / Defender Fridays [#330]

    2026-06-12 | 32 mins.
    Join us for this week's Defender Fridays as Carlo Anez, Founder and Lead Instructor at IgniteCyber Academy and DEFCON Training Instructor, breaks down how to build practical blue team skills using open-source labs, MITRE ATT&CK, and real-world defender workflows, and where AI fits into the picture without replacing the analyst.
    At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
    What We'll Discuss
    In this episode, Carlo Anez draws on years of SOC operations, detection engineering, and cybersecurity instruction to make the case for hands-on, open-source training as the foundation for developing confident, capable defenders.
    Key Topics:
    Why cybersecurity training must move beyond passive learning and into real defender workflows
    How the OpenSOC initiative uses open-source tools like Wazuh, MISP, The Hive, and TimeSketch to simulate a small-scale fusion center environment
    How open-source stacks build transferable skills that translate to enterprise platforms like Splunk and LimaCharlie
    Where AI fits in the SOC: summarizing noisy alerts, mapping activity to MITRE ATT&CK, drafting investigation questions, and improving report clarity
    Why AI literacy means knowing how to validate AI output against evidence, not just knowing how to write prompts
    Why the analyst owns the evidence, the decision, and the communication
    How the DEF CON boot camp and online pilot program structure five days of scenario-based training around a final analyst report and CTF capstone
    About Our Guest
    Carlo Anez is the Founder and Lead Instructor at IgniteCyber Academy and a DEFCON Training Instructor. He spent five years at Rapid7 doing detection engineering, threat hunting, and DFIR workflows, and has supported SOC operations, government contractors, and projects with DARPA, the US Army, and the US Navy. He currently creates SOC-focused content with TCM Security and leads Blue Team Village at DEF CON, where he also presents and trains annually.
    Register for Live Sessions
    Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you, our audience.
    Register here: https://limacharlie.io/defender-fridays
    Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!
    Sponsored by LimaCharlie
    This episode is brought to you by LimaCharlie, the Agentic SecOps Workspace (ASW), where AI agents operate security infrastructure using the same controls and authority as human analysts, with every action visible, governed, and auditable.
    Why LimaCharlie?
    Eliminate vendor sprawl and tool complexity
    Deploy and scale effortlessly on native multi-tenant architecture
    Reduce costs with intelligent data routing and free 1-year retention
    Build custom solutions with 100+ security capabilities on-demand
    Accelerate response with agentic AI that acts directly within predefined workflows
    Try the Agentic SecOps Workspace free: https://limacharlie.io
    Learn more: https://docs.limacharlie.io
    Follow LimaCharlie
    Sign up for free: https://limacharlie.io
    LinkedIn: / limacharlieio
    X: https://x.com/limacharlieio
    Community Discourse: https://community.limacharlie.com/
    Host: Maxime Lamothe-Brassard - Founder at LimaCharlie
    Guest: Carlo Anez - Founder & Lead Instructor at IgniteCyber Academy
  • The Cybersecurity Defenders Podcast

    Building practical blue team skills using AI-assisted SOC training with Bobby Ford / Defender Fridays [#329]

    2026-06-05 | 30 mins.
    Join us for this week's Defender Fridays as Bobby Ford, Chief Strategy and Experience Officer at Doppel, talks about open-source labs, MITRE ATT&CK, and real-world defender workflows.
    About Our Guest
    Bobby is a globally recognized cybersecurity “geek” with almost three decades of experience, including the last 14 years as a CISO, protecting some of the world’s most complex and operationally intensive enterprises. His career began in the military as a founding member of the Pentagon Computer Incident Response Team. Bobby built and led cybersecurity programs in the Aerospace and Defense industry. He was the first CISO at Exelis Inc. and was the architect of ITT’s global cybersecurity audit function under DOJ oversight.
    Transitioning from public to private sector, Bobby served as the first CISO at Abbott Labs, was CISO for Unilever, and most recently was SVP and Chief Security Officer at Hewlett Packard Enterprise (HPE). Known for his collaborative style and empathetic leadership, Bobby fosters an inclusive culture that empowers entire security organizations to excel.
    Host: Maxime Lamothe-Brassard - Founder at LimaCharlie
    Guest: Charles Grandjean - CTO and Co-founder at Hexiagon AI
  • The Cybersecurity Defenders Podcast

    "Megalodon" Malware in GitHub, Malware-Slop steals from Claude AI, 7-Eleven breach & CISA cPanel vulnerability / Intel Chat [#328]

    2026-06-01 | 29 mins.
    Originally recorded: Friday May 29, 2026
    In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
    A large-scale software supply chain attack dubbed “Megalodon” infected thousands of GitHub repositories with credential-stealing malware in a highly automated campaign that unfolded over a six-hour period on May 18, 2026.
    Researchers from OX Security have identified a malicious npm package named “mouse5212-super-formatter” that was designed to steal files from Anthropic Claude AI environments by targeting the “/mnt/user-data” directory.
    Convenience store giant 7-Eleven disclosed a data breach tied to an attack that occurred on April 8, 2026, involving systems that contained franchise-related documents. SecurityWeek article Matt references.
    CISA has issued an urgent warning about a critical vulnerability in the LiteSpeed cPanel Plugin, tracked as CVE-2026-48172, which is already being actively exploited in the wild.
    Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.
    This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
  • The Cybersecurity Defenders Podcast

    From PentestGPT to production: The state of AI-assisted offensive security with Charles Grandjean / Defender Fridays [#327]

    2026-05-30 | 30 mins.
    Join us for this week's Defender Fridays as Charles Grandjean, CTO and Co-founder at Hexiagon AI, breaks down where AI-assisted pen testing actually stands today and what it means for both red teams and defenders.
    What We'll Discuss
    In this episode, Charles Grandjean draws on his experience building an AI-powered continuous pen testing platform to trace how LLM capabilities have evolved for offensive security, and what the rise of autonomous attack tooling means for defenders.
    Key Topics:
    How AI pen testing has progressed from unreliable single commands to chaining complex attack sequences
    Why the last six months marked a turning point in LLM planning and long-context reasoning
    When to use in-context learning and RAG versus fine-tuning, and why most teams should start with the former
    Why privacy considerations push serious pen testing operations toward self-hosted models
    How the balance between model control and code control has shifted as models have improved
    Why unrestricted and fine-tuned open-weights models are lowering the barrier for malicious actors
    What automated offense means for defense teams and why the response needs to match the scale of the threat
    About Our Guest
    Charles Grandjean is the CTO and Co-founder of Hexiagon AI, a company focused on automating penetration testing through AI to enable continuous, around-the-clock security validation. He has been building and iterating on AI-assisted offensive tooling for the past two years, tracking the evolution of LLM capabilities firsthand from early prototype to production system.
    Host: Maxime Lamothe-Brassard - Founder at LimaCharlie
    Guest: Charles Grandjean - CTO and Co-founder at Hexiagon AI
  • The Cybersecurity Defenders Podcast

    GitHub repositories compromised, Webworm targets Europe, fake Outlook & cybercriminal VPN / Intel Chat [#326]

    2026-05-29 | 24 mins.
    Originally recorded: Friday May 22, 2026
    In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
    GitHub has confirmed that roughly 3,800 internal repositories were accessed in a supply chain compromise tied to the hacking group TeamPCP.
    China-aligned threat actor Webworm has shifted its targeting focus from Asia to Europe, according to new research published by ESET.
    Researchers uncovered a previously undocumented Microsoft 365 account takeover panel that integrates directly with Evilginx Pro infrastructure to streamline token theft and post-compromise operations.
    European and North American law enforcement agencies announced the dismantling of “First VPN,” a VPN service allegedly built to support cybercriminal activity including ransomware operations, data theft, scanning, and denial-of-service attacks.
About The Cybersecurity Defenders Podcast
An accessible but technical podcast about cybersecurity and the people who keep the internet safe. The podcast is built as a series of segments: we will be looking back at the last couple of weeks in cybersecurity news, talking to different people in the industry about areas of their expertise, we're going to break apart some of the TTPs being used by adversaries, and we will even cover a little bit of hacker history.