Sometimes I go on podcasts to talk about cybersecurity stuff, and I always leave a little bit disappointed. The discussion comes across as rushed and forced, and it feels more like an interview than a real conversation. Of course, these podcasts are still great because they have me on them, but they could be better.
So one night I posted on Twitter to ask if there are any good cybersecurity podcasts out there that are actually conversational. I recently became a father so I am staying up late doing nothing but rocking my child while she cries, so I might as well drown out the cries with a good cybersecurity discussion.
I received roughly 50 different podcast recommendations. I then made a joke that I would review each one ruthlessly, and unfortunately people took that seriously. So off I went, a prisoner to my audience, trying to review each and every podcast that people had recommended.
People have asked me to aggregate these reviews somewhere, so here we are.
Methodology
I quickly realized that I needed some sort of methodology for deciding which episode or episodes to listen to, so I made up some rules for myself. First, if the podcast host reached out to recommend a specific episode, I accepted that choice. If not, I then looked for a recent episode on AI, and if they had one I picked that. And if not, I just sort of picked randomly from the last few episodes, looking for a topic I felt vaguely comfortable with. And if the episode was short, say under 30 minutes, I often picked two episodes to be fair.
I then gave each episode a letter grade from A+ to F-. I did this based on vibes. I tried to compare against other episodes to keep some consistency, but the grades were ultimately somewhat arbitrary.
Disclaimer
I said I would review each podcast ruthlessly, and I refused to back down from the ruthless part. But please remember this was just for fun. If I gave a podcast a bad review, maybe it was just a bad episode, or maybe I am just an idiot. What do I know? I hope no one takes this too seriously. You shouldn’t really care what I think.
A-Grade Podcasts
Squid Sec Podcast by @DotNetRussell. Episode on zero days with @b1ack0wl. Letter grade: A. Extremely human, conversational, well-produced, funny, and interesting. I can’t imagine someone listening to this and not enjoying it.
Critical Thinking Bug Bounty Podcast by @Rhynorater, @gr3pme, and @rez0__. Episode 146 on horror stories. Letter grade: A-. First 30 minutes is news and gets a B-, but the second part is very entertaining even if I only understood half of it, hence the A- grade. I definitely recommend it.
Cloud Security Podcast by Google with @anton_chuvakin. Episode 75 on scaling detection and 210 on horror stories. Letter grade: A-. Excellent content and format. Host and guests are mega smart. Minus points because it’s Google so a bit unfair, and I’m still mad at Vertex AI.
Across the Pondcast by @0xTib3rius and @SwiftSecur1. Episode 18 on the UK Online Safety Act with @UK_Daniel_Card and 24 on security researchers vs open source with @IceSolst. Letter grade: A-. Originally a B+, because while Daniel had some banger lines, I can’t in good conscience give content about the UK an A. But then the next episode bumped it to an A-. Both episodes are great conversations.
B-Grade Podcasts
EntraChat by @merill. Episode with @IAMERICAbooted. Letter grade: B+. Very conversational. Both the host and guest have a ton of knowledge and could clearly talk for hours. Great discussion. Would score higher but it is about Microsoft Entra.
DontGetGot by @dontgetgot_. Episodes 1 and 2 on Myanmar scam centers. Letter grade: B+. Either I’m being fooled or this was wildly good for being very unknown. Not conversational, but the storytelling from the host is great. 25 minutes in total, so I’d recommend listening.
Insecure Agents by @vtahowe. Episode 13 with Samuel Colvin and 14 with Bryan Russett and Alex Kesling. About AI agent security stuff. Letter grade: B. Allie matches the technical depth of her guests better than anyone, but they talk too much about the guests’ companies. Bonus points for video, minus points for the microphone blocking Allie’s entire face.
Where Warlocks Stay Up Late by @NathanSportsman. Episode 7 with @JacobyDavid. Letter grade: B. I realized about halfway through that I have been on a panel with David before and he disagreed with me. I therefore wanted to give this a bad score, but it was pretty okay. Talked about the history of hacking in Sweden.
chITchat by @pamoutaf. Episode with @PinkDraconian on offensive security stuff. Letter grade: B-. The guest was super interesting, but the podcast didn’t live up to its name. More of an interview than a chat. Could use better audio, but it was still entertaining.
C-Grade Podcasts
7 Minute Security by Brian Johnson. Episode 699 on pre-travel security. Letter grade: C+. Wasn’t 7 minutes so hard to recover from that. No guests so no chill conversation. But the host was pretty funny. Decent audio despite being recorded in his car, seemingly.
Phillip Wylie Show by @PhillipWylie. Episode on AI with Mike Bell and episode on pentesting with @0xTib3rius. Letter grade: C+. Better to not do an AI episode unless you’re really sure you have something cool. Too much sales pitching on it, too. The episode with Tib3rius was decent but old.
The Defender’s Log by @DrtheNerd. Episode 8 on ransomware with Alexander Rau. Letter grade: C+. I’m sorry for this one. They’re friendly and having a chill conversation. But the guest is a partner at KPMG, so that kinda tells you why this isn’t my speed.
Cybersecurity Defenders Podcast by @limecharlieio. Episode 267 with Alec Fenton on AI SecOps. Letter grade: C. Both the host and guest seem perfectly pleasant, so I feel bad saying this, but it was just boring. The AI use cases were lame automations. Very dry.
Smashing Security by Graham Cluley. Episode 440 with @Scott_Helme. Letter grade: C-. Why did so many people recommend this? Way too many sponsors (3 segments in 45 minutes). Host just read a news story he knew nothing extra about. The guest segment was good but only 12 minutes long.
D-Grade Podcasts
The Mindful Business Security Show by @AccidentalCISO. Episode on measuring cybersecurity programs in SMBs. Letter grade: D. It’s for SMBs but the guest is from a multi-billion-dollar org? Marie Antoinette levels of disconnect. The rest was state of the art in 2005 and is the same insight you’d get from ChatGPT.
The styling on my site breaks if a list only has 1 item, so this is just a placeholder instead of me fixing the CSS.
F-Grade Podcasts
Security Now by Steve Gibson and Leo Laporte. Episode 1050 on AI browsers. Letter grade: F. It was about AI browsers but they seemingly haven’t used one? They read news stories they knew nothing about. Very smug attitude but often totally wrong. It was also 3+ hours long. Awful.
I won’t name this podcast because it was just that bad. If you really want to know you can DM me. Letter grade: F-. I actually felt uncomfortable listening to it. The host and guest had zero chemistry and it was extremely awkward. The content was terrible.
Unrated Podcasts
Genies in the Botnet by Rosie Anderson and Lisa Belmonte Diaz. Episode 1 with Lianne Potter. Letter grade: N/A. There is only one episode. Did I enjoy it? Not really, but that’s okay. Lianne ends by saying, “You have a story to tell and I want to hear it. There will be an audience for you.” She is right.
Security Cryptography Whatever by @durumcrustulum, @tqbf, and @davidcadrian. Episode about Apple. Letter grade: ????. What are they talking about? I can’t review this because I have no clue what is going on. Someone who knows systems programming please review this for me.
Podcasts I Haven’t Reviewed Yet
Three Buddy Problem by @ryanaraine, @juanandres_gs, and @craiu.
Between Two Nerds by @tomatospy and @thegrugq.
Defensive Security Podcast by Jerry Bell and @Lerg.
Bare Knuckles and Brass Tacks by George Kamide and @GeorgeAlKoura.
To be continued (have about 10 more not listed here yet).
Disqualifications
Exotic Liability. Reason: Old. The last episode is from 2015.
Compromising Positions. Reason: Old. The last episode is from 2024.
Tradecraft Tuesdays. Reason: Old. The last episode is from 2019.
Malicious Life. Reason: Old. The last episode is from 2024.
What the Shell. Reason: Old. The last episode is from March, 2025.