Bare Metal Cyber
Episodes
Certified: Your First Step into Tech with CompTIA Tech+
16 Mar 2026
Contributed by Lukas
The narrated version of our Monday “Certified” feature walks you through CompTIA Tech+ (Tech+) in simple, practical language. You will hear what T...
Concrete and Code: Smart Buildings as the Quiet New Attack Surface
11 Mar 2026
Contributed by Lukas
Smart buildings used to be a facilities concern; now they behave like distributed systems that can be probed, abused, or ransomed. In this narrated ed...
Keeping API Keys, Tokens, and Passwords Out of the Wrong Hands
10 Mar 2026
Contributed by Lukas
Secrets management for API keys, tokens, and passwords is often the quiet difference between a minor configuration mistake and a major breach. In this...
Certified: Launching Your Project Management Journey with CompTIA Project+
09 Mar 2026
Contributed by Lukas
This episode walks through CompTIA Project+ (Project+) as a practical first step into project leadership for early-career IT and cybersecurity profess...
SaaS Chain Reactions: When One App’s Breach Becomes Everyone’s Incident
04 Mar 2026
Contributed by Lukas
This narrated episode explores what happens when a “small” tool in your Software as a Service (SaaS) estate becomes the catalyst for everyone’s ...
Insight: Turning SIEM Events Into Actionable Signals
03 Mar 2026
Contributed by Lukas
If your Security Information and Event Management (SIEM) platform feels like a wall of noise, this episode is for you. We walk through what SIEM use c...
Certified: Hands-On Server Confidence with CompTIA Server+
02 Mar 2026
Contributed by Lukas
This narrated edition of our Monday “Certified” feature from Bare Metal Cyber Magazine walks you through CompTIA Server+ (Server+) in clear, pract...
Multi-Cloud Mirage: More Providers, Same Fragile Backbone
25 Feb 2026
Contributed by Lukas
This narrated edition of “Multi-Cloud Mirage: More Providers, Same Fragile Backbone” digs into the gap between the slideware story of multi-cloud ...
Insight: Third-Party Risk Questions That Actually Matter
24 Feb 2026
Contributed by Lukas
This audio episode explores Third-Party Risk Management (TPRM) as a practical, everyday part of how your organization works with vendors, cloud platfo...
Certified: Breaking into Tech from Zero with CompTIA IT Fundamentals (ITF+)
23 Feb 2026
Contributed by Lukas
This week on Certified, we break down CompTIA IT Fundamentals (ITF+), the gentle on-ramp for anyone who feels “tech-curious” but not yet “tech-c...
Platform Captivity: Life Inside a Single Cloud’s Walled Garden
18 Feb 2026
Contributed by Lukas
Cloud promises agility, savings, and simplicity, but for many organizations it has quietly become a walled garden with only one gate. In this audio ed...
Insight: When Source Code Spills Keys, Tokens, and Credentials
17 Feb 2026
Contributed by Lukas
When secrets leak into source code, they rarely announce themselves with flashing lights. In this audio companion to Bare Metal Cyber’s Tuesday “I...
Certified: How CompTIA Cloud+ Builds Real-World Cloud Confidence
16 Feb 2026
Contributed by Lukas
CompTIA Cloud+ (Cloud+) is built for people who already know their way around servers, networks, and virtualization, and are now being asked to make i...
Machine Identity Riot: Certificates, Tokens, and Bots Gone Wild
11 Feb 2026
Contributed by Lukas
In this audio edition of “Machine Identity Riot: Certificates, Tokens, and Bots Gone Wild,” we walk leaders through the trust fabric that actually...
Insight: Building Security Into CI/CD Without the Buzzwords
10 Feb 2026
Contributed by Lukas
This narrated episode explores DevSecOps in CI/CD pipelines as a practical way to build security into the same paths your code already takes from comm...
Certified: GIAC Security Essentials (GSEC): A Hands-On Baseline for Early-Career Defenders
09 Feb 2026
Contributed by Lukas
The GIAC Security Essentials (GSEC) narrated episode walks you through what this certification really is, who it serves, and why it sits in that sweet...
Cyber Leadership in the Age of AI Coworkers
04 Feb 2026
Contributed by Lukas
In this audio edition of Cyber Leadership in the Age of AI Coworkers, we explore what changes when artificial intelligence (AI) stops being a sidecar ...
Insight: Turning MITRE ATT&CK into a Defense Roadmap
03 Feb 2026
Contributed by Lukas
Threat-informed defense can feel abstract until you connect it directly to how real attackers move through your environment. In this narrated breakdow...
Certified: CompTIA A+ as Your First Real Checkpoint in IT and Cybersecurity
02 Feb 2026
Contributed by Lukas
CompTIA A+ is where an interest in tech turns into real-world IT support skills that employers can see and trust. In this Monday “Certified” episo...
Identity Bankruptcy: When Your Organization Runs Out of Trust
28 Jan 2026
Contributed by Lukas
When your identity data stops matching reality, every dashboard and control you rely on starts to wobble. In this audio edition of “Identity Bankrup...
Insight: Triage 101 – What Really Happens After an Alert Fires
27 Jan 2026
Contributed by Lukas
When a security alert fires, what really happens in those first few minutes? This narrated edition of our Tuesday “Insights” feature in Bare Metal...
Certified: CompTIA Network+ – The Early-Career Guide to Real-World Networking
26 Jan 2026
Contributed by Lukas
This episode takes you inside the CompTIA Network+ (Network+) certification from an early-career point of view, focusing on what the credential actual...
Copilot or Co-Conspirator? AI Helpdesks and the Next Social Engineering Wave
21 Jan 2026
Contributed by Lukas
In this episode, we unpack how AI helpdesks and support copilots are quietly becoming a new social engineering surface. Instead of just worrying about...
Insight: Reading Your Environment Through Logs, Events, and Alerts
20 Jan 2026
Contributed by Lukas
In this episode of Bare Metal Cyber’s Tuesday “Insights” feature, we unpack how security logs, events, and alerts can move from noisy fragments ...
Certified: Speaking Cloud with AWS Certified Cloud Practitioner
19 Jan 2026
Contributed by Lukas
When you see “AWS Certified Cloud Practitioner” on a resume, what does it really tell you about that person’s cloud skills? In this Monday “Ce...
Model Supply Chain Mayhem: Securing the AI You Didn’t Build Yourself
14 Jan 2026
Contributed by Lukas
In this episode, we dig into what happens when your most important artificial intelligence (AI) capabilities come from models, copilots, and APIs you ...
Insight: Making Sense of Security Control Types
13 Jan 2026
Contributed by Lukas
Security controls are often described as policies, tools, and processes, but in practice they shape how your defenses behave before, during, and after...
Certified: CRISC at the Intersection of Cyber Risk and Business Decisions
12 Jan 2026
Contributed by Lukas
Risk is where business decisions collide with real technology limits, and ISACA’s Certified in Risk and Information Systems Control (CRISC) sits rig...
Cyber Talks: The Four Ps of Marketing for Cybersecurity: A Cyber Talks Conversation with Tapan Deka
08 Jan 2026
Contributed by Lukas
In my latest Cyber Talks session, developed by BareMetalCyber.com, I sat down with Tapan Deka, assistant professor at Madhavi Skills University, to ex...
Ghosts in the Training Data: When Old Breaches Poison New AI
07 Jan 2026
Contributed by Lukas
In this narrated edition of Ghosts in the Training Data: When Old Breaches Poison New AI, we explore how years of incidents, leaks, and scraped datase...
Insight: Making Defense in Depth Actually Work
06 Jan 2026
Contributed by Lukas
Defense in depth is one of those phrases everyone uses, but few teams can clearly describe in terms of everyday work. In this narrated edition of our ...
Certified: Building Your Analyst Mindset with CompTIA CySA+
05 Jan 2026
Contributed by Lukas
This episode walks through the CompTIA Cybersecurity Analyst (CySA+) certification in clear, practical terms for early-career defenders. You will hear...
SOC Pager Olympics: Gold Medal in 3 A.M. False Alarms
31 Dec 2025
Contributed by Lukas
In this episode, we break down the reality of the SOC Pager Olympics—the endless cycle of 3 a.m. wake-ups triggered by false alarms. You’ll hear h...
Network Segmentation Without the Buzzword Fog
30 Dec 2025
Contributed by Lukas
When your network still feels like one big open floor plan, a single compromised device can turn into a building-wide fire. In this audio companion to...
Certified: Monday: PCI Professional (PCIP) – Learning to Speak the Language of PCI DSS
29 Dec 2025
Contributed by Lukas
This episode walks you through the PCI Professional (PCIP) certification in clear, everyday language. We start with what PCIP is designed to prove, wh...
SBOM & Chill: You Don’t Need Every Ingredient—Just the Allergens
24 Dec 2025
Contributed by Lukas
In this episode, we strip away the noise surrounding Software Bills of Materials and reframe them through a fresh lens: allergens. Instead of drowning...
Insight: Asset Inventory Basics for Real-World Defenders
23 Dec 2025
Contributed by Lukas
In this narrated Insight, we unpack cyber asset inventory as the quiet backbone of a modern security program. You will hear what cyber asset inventory...
Certified: How CCISO Signals You’re Ready for Executive Security Leadership
22 Dec 2025
Contributed by Lukas
The Certified Chief Information Security Officer (CCISO) exam is built for security leaders who are ready to move from running tools to running a prog...
Cyber Talks: Tracking School Swatters and Shooters: Turning Online Leakage Into Action with Detective Richard Wistocki
18 Dec 2025
Contributed by Lukas
In my conversation with Detective Richard Wistocki (Ret.), we talked candidly about a reality that many school leaders and law enforcement professio...
Tabletop Telenovela: Turning Your IR Plan into a Drama People Remember
17 Dec 2025
Contributed by Lukas
In this episode, you’ll learn how to transform a traditional, forgettable tabletop exercise into something unforgettable: a telenovela. We explore h...
Insight: Turning Patch and Update Management into a Strength
16 Dec 2025
Contributed by Lukas
Patch and update management rarely makes headlines, but it quietly determines how exposed your environment really is. In this audio Insight, we walk t...
Certified: Stepping Into Security Leadership with CISM
15 Dec 2025
Contributed by Lukas
This episode takes you inside the world of the Certified Information Security Manager (CISM), a certification that helps professionals grow from hands...
Cyber Talks: Phishing in the Age of Agentic AI: Craig Taylor on Culture, Literacy, and the New Human Firewall
11 Dec 2025
Contributed by Lukas
In my Cyber Talks conversation with Craig Taylor the co-founder and CEO of CyberHoot, we dive into a problem that is evolving faster than most organiz...
Email Is Your Unpatchable Legacy App
10 Dec 2025
Contributed by Lukas
In this episode, we explore why email is both the oldest and most dangerous application in your enterprise. You’ll learn how protocols built in the ...
Insight: How CVEs and CVSS Turn Vulnerabilities into Decisions
09 Dec 2025
Contributed by Lukas
Understanding vulnerability data can feel like learning a new language, especially when every report is packed with identifiers and scores. In this na...
Certified Monday: Seeing Systems Like an Auditor with the CISA Certification
08 Dec 2025
Contributed by Lukas
This episode walks through the Certified Information Systems Auditor (CISA) certification in clear, beginner-friendly language, focusing on what it re...
Weekly Cyber News Rollup, December 5th, 2025
05 Dec 2025
Contributed by Lukas
This is your weekly cyber news roll-up for the week ending December 5th, 2025. Holiday shopping dominates the threat landscape, with industrial scale ...
Cyber Talks: Excel Is Not Your GRC Solution: Scaling Governance Beyond Spreadsheets
04 Dec 2025
Contributed by Lukas
Excel is great for many things — but it is not a governance, risk, and compliance (GRC) platform. In this Cyber Talk developed by BareMetalCyber.com...
Shadow SaaS: 1,000 Apps, 0 Approvals, Unlimited Risk
03 Dec 2025
Contributed by Lukas
In this episode, we pull back the curtain on Shadow SaaS—the hidden world of unsanctioned apps quietly multiplying across the enterprise. You’ll l...
Insight: Cyber Kill Chain and Attack Lifecycles
02 Dec 2025
Contributed by Lukas
This narrated Insight walks through the Cyber Kill Chain (CKC) and broader cyber attack lifecycle models as practical tools for real-world defenders. ...
Certified: CompTIA Security+ as Your Cybersecurity Launchpad
01 Dec 2025
Contributed by Lukas
Step into the world of CompTIA Security+ (Security+) with this narrated guide designed for early-career technologists and career-changers. This episod...
Weekly Cyber News Rollup, November 28th, 2025
28 Nov 2025
Contributed by Lukas
This is your weekly cyber news roll-up for the week ending November 27th, 2025. This week revolves around quiet dependencies turning into loud problem...
Zero Trust Theater: We Put a Fancy Gate on a Cardboard Wall
26 Nov 2025
Contributed by Lukas
In this episode, we uncover the reality of “Zero Trust theater”—where organizations invest in flashy front gates like MFA prompts, dashboards, a...
Weekly Update: Cyber News for the Week ending 21 November, 2025
21 Nov 2025
Contributed by Lukas
This is your weekly cyber news roll-up for the week ending November 21st, 2025. We track a crippling cyberattack on a major automaker that shut factor...
Cyber Talks - Break Things Safely: A High-Value Cyber Exercise Program with Daniel Hammond
20 Nov 2025
Contributed by Lukas
Don’t wait to learn the fire drill while the building’s on fire. In this Cyber Talk developed by BareMetalCyber.com, Army veteran and cyber resili...
XDR, EDR, NDR, MDR, WTF-DR?
19 Nov 2025
Contributed by Lukas
In this episode, we cut through the alphabet soup of cybersecurity—EDR, NDR, XDR, MDR, and even the tongue-in-cheek WTF-DR. You’ll learn what each...
Weekly Cyber News Rollup, November 14th, 2025
14 Nov 2025
Contributed by Lukas
This is your weekly cyber news roll-up for the week ending November 14th, 2025. This week centers on phones, clouds, and core identity systems under p...
Phishing ‘Hunger Games’: May the Odds Be Ever in Your Favor (They Aren’t)
12 Nov 2025
Contributed by Lukas
In this episode, we explore phishing as a rigged arena where attackers decide the rules and employees become the unwilling contestants. You’ll learn...
Weekly Cyber News Rollup, November 7th, 2025
08 Nov 2025
Contributed by Lukas
This is this week’s cyber news for November third through November seventh, twenty twenty-five. The week unfolded with relentless attacks on edge in...
The Cult of the Dashboard: Vanity Metrics Anonymous
05 Nov 2025
Contributed by Lukas
In this episode, The Cult of the Dashboard: Vanity Metrics Anonymous, we expose the seductive world of flashy dashboards and meaningless numbers. List...
Weekly Cyber News Rollup, October 31st, 2025
31 Oct 2025
Contributed by Lukas
This is this week’s cyber news for October 27th through October 31st, 2025. The week opens with trusted update lanes under attack and an emergency f...
Patch Tuesday, Breach Wednesday
29 Oct 2025
Contributed by Lukas
In this episode of Bare Metal Cyber, we break down the monthly ritual every security team knows too well: Patch Tuesday. You’ll learn why the very a...
Weekly Cyber News Rollup, October 24th, 2025
24 Oct 2025
Contributed by Lukas
This is the Friday Rollup for October twentieth through October twenty-fourth, twenty twenty-five. A turbulent week put resilience and identity under ...
GenAI Policy Mad Libs: ‘Don’t Paste {Sensitive Thing} into {Cool Bot}’
22 Oct 2025
Contributed by Lukas
In this episode, we unpack why the popular slogan “don’t paste {Sensitive Thing} into {Cool Bot}” has become the lazy default for GenAI policy—...
Weekly Cyber News Rollup, October 17th, 2025
17 Oct 2025
Contributed by Lukas
The Bare Metal Cyber — Friday Edition is your end-of-week cybersecurity intelligence wrap, turning five days of breaking threats into one fast, acti...
Shrodingers Firewall
15 Oct 2025
Contributed by Lukas
In this episode, we dive into the unsettling paradox of Schrödinger’s Firewall—where your data is both safe and already compromised in the loomin...
Trailer
14 Oct 2025
Contributed by Lukas
Weekly Cyber News Rollup, October 10th, 2025
10 Oct 2025
Contributed by Lukas
This week’s wrap cuts through the noise. We break down North Korea’s multi-billion-dollar crypto theft problem, the Salesforce-adjacent extortion ...
When Zero Trust Meets Zero Patience
08 Oct 2025
Contributed by Lukas
In this episode, we take on the fatigue that often comes with Zero Trust—those endless logins, rigid rules, and culture-draining compliance routines...
Weekly Cyber News Rollup, October 3rd, 2025
03 Oct 2025
Contributed by Lukas
This is the Friday Rollup for September 29th through October 3rd, 2025. It was a week of edge-device pressure, identity weak spots, and evolving email...
Crypto or Consequences
01 Oct 2025
Contributed by Lukas
Ransomware is no longer just about malicious code—it’s about business models, negotiation tactics, and the psychology of fear. In this episode, we...
Your MFA Is Not Two-Factor—It’s SMS and a Prayer
24 Sep 2025
Contributed by Lukas
In this episode, we expose the illusion of security created by SMS-based multi-factor authentication. Listeners will learn why text-message codes fail...
Glitched on Arrival: When AI Learns the Wrong Lessons
27 Aug 2025
Contributed by Lukas
In this episode, we explore the strange yet critical world of adversarial machine learning—where tiny, unseen manipulations can fool AI systems into...
Will AI trigger the First White Collar Recession?
20 Aug 2025
Contributed by Lukas
Will AI trigger the first white-collar recession—or just change what those jobs look like? This episode follows the quiet early tells—executive hi...
Keyboard Assassins: Inside the Covert World of State-Sponsored Cyber Sabotage
13 Aug 2025
Contributed by Lukas
In this episode of BareMetalCyber, we delve into the shadowy world of state-sponsored cyber sabotage, examining how nations increasingly leverage digi...
Ctrl+Alt+Comply: The Wild World of Cyber Regulations
06 Aug 2025
Contributed by Lukas
In this episode of BareMetalCyber, we narrate the article Ctrl+Alt+Comply: The Wild World of Cyber Regulations, taking you through the tangled web of ...
When Smart Gets Sinister: Taming the IoT Rebellion
30 Jul 2025
Contributed by Lukas
In today's episode, we dive into the dark side of our increasingly connected world, exploring how ordinary IoT devices—like coffee makers, fish tank...
From LOLs to Lateral Movement: Securing ChatOps
23 Jul 2025
Contributed by Lukas
In today's episode, we explore how ChatOps—the integration of collaboration and operations through platforms like Slack and Teams—has reshaped mod...
Click Less, Protect More: Building Your Office’s Human Firewall
16 Jul 2025
Contributed by Lukas
In today's episode, we're tackling one of cybersecurity's biggest challenges: the human factor. Employees, often considered the weakest link in an org...
Firewalls and Frontlines: Cybersecurity in the Age of Digital Warfare
09 Jul 2025
Contributed by Lukas
In this episode of BareMetalCyber, we dive deep into the emerging frontlines of digital warfare, where traditional weapons have given way to malicious...
Inside Job: Profiling the Mind of an Insider Threat
02 Jul 2025
Contributed by Lukas
In today's episode, we explore one of the most challenging cybersecurity issues organizations face—the insider threat. Unlike external cyberattacks,...
Seeing is Deceiving: Preparing for the Deepfake Cyber Threat
25 Jun 2025
Contributed by Lukas
In today's episode, we dive deep into the sinister and rapidly evolving world of deepfake cybercrime. Once relegated to harmless internet pranks, deep...
Burnout in the SOC: Is Automation the Cure or the Culprit?
18 Jun 2025
Contributed by Lukas
In today's episode of the Bare Metal Cyber podcast, we dive deep into an often-overlooked crisis in cybersecurity: analyst burnout in the Security Ope...
Click First, Ask Never: Shadow IT’s Quiet Rebellion
11 Jun 2025
Contributed by Lukas
In today’s episode, we dive deep into the hidden realm of Shadow IT—those unsanctioned technologies quietly spreading through nearly every modern ...
Broken Links: Surviving the Supply Chain Cybertrap
04 Jun 2025
Contributed by Lukas
Third-party cybersecurity breaches are rapidly becoming one of the most serious threats facing organizations today. Attackers exploit vendor vulnerabi...
Virtual Reality Check: Cybersecurity in XR’s Wild West
28 May 2025
Contributed by Lukas
In this episode of the Bare Metal Cyber podcast, we explore the cybersecurity challenges facing Extended Reality—everything from hijacked avatars to...
Prompts of Mass Destruction: How Solo Hackers Are Turning Public AI into Weapons
21 May 2025
Contributed by Lukas
In this episode of BareMetalCyber, we explore the dark side of artificial intelligence and reveal how solo hackers are turning publicly available AI t...
Beyond Passwords: The Future of Secure Identity Management
14 May 2025
Contributed by Lukas
In this episode, we take a deep dive into the future of identity management and why passwordless authentication is gaining traction. Passwords have lo...
Industrial Control Systems Under Siege: Battling Advanced Cyber Threats
07 May 2025
Contributed by Lukas
In this episode, we dive deep into the growing cyber threats targeting Industrial Control Systems (ICS) and SCADA environments—critical infrastructu...
Cybersecurity on Autopilot: Unlocking the Potential of SOAR
30 Apr 2025
Contributed by Lukas
In this episode, I take you through the world of Security Orchestration, Automation, and Response—Security Orchestration, Automation, and Response—...
Beyond Passwords: The Future of Secure Identity Management
23 Apr 2025
Contributed by Lukas
In this episode, I take a deep dive into the future of identity management and why passwordless authentication is gaining traction. Passwords have lon...
Off the Record, On the Radar: Why Personal Comms Keep Haunting Government Cybersecurity
22 Apr 2025
Contributed by Lukas
In this podcast episode, I explore the persistent cybersecurity issue involving U.S. government officials using personal communication methods—like ...
Cyber Illusions: How Security Teams Trick and Track Attackers
16 Apr 2025
Contributed by Lukas
In this episode, I dive into the fascinating world of cyber deception—where security teams use honeypots, honeytokens, and other digital traps to lu...
The Cybersecurity Storm: 5G, IoT, and the Next Wave of Attacks
09 Apr 2025
Contributed by Lukas
In this podcast episode, I take a deep dive into the evolving cybersecurity threats brought on by the rapid expansion of five gee and Eye oh tee. With...
Ransomware Warfare: Advanced Tactics for Ransomware Response
02 Apr 2025
Contributed by Lukas
In this episode of BareMetalCyber, we dive into the evolving world of ransomware—breaking down how these attacks have transformed from simple lock-a...
Beyond Perimeters: Mastering Zero Trust
26 Mar 2025
Contributed by Lukas
In this podcast episode, I take a deep dive into Zero Trust Architecture, breaking down why the traditional security perimeter is no longer enough and...
Hacked by a Human: The Future of Social Engineering and Phishing
19 Mar 2025
Contributed by Lukas
In this episode, Hacked by a Human: The Future of Social Engineering and Phishing, breaking down how cybercriminals are evolving their tactics to mani...
Deconstructing Malware: A Deep Dive into Advanced Threat Analysis
12 Mar 2025
Contributed by Lukas
Malware is the backbone of modern cyber threats, evolving rapidly to outsmart security defenses and infiltrate systems undetected. In this episode of ...
Dark Web Intelligence
05 Mar 2025
Contributed by Lukas
The dark web isn’t just a hidden corner of the internet—it’s a thriving underground economy where cybercriminals buy and sell stolen data, hacki...
Bulletproof the Cloud: Building Systems That Survive Outages and Attacks
26 Feb 2025
Contributed by Lukas
In this gripping episode of Bulletproof the Cloud, Dr. Jason Edwards, a cybersecurity veteran and cloud resilience expert, takes listeners on a journe...