Episodes

  • Pulse 16: Severity is NOT Probability
    May 18 2026

    CISA added a Linux kernel flaw to its Known Exploited Vulnerabilities list on May 1. CVSS 7.8. Federal agencies got two weeks to patch. Working exploit code in three languages.

    The 9.8s your scanner pushed to the top of the dashboard last week were probably nobody's target.

    This is the CVSS trap. Severity is not probability. CVSS is not a risk score. And almost every founder-led company has stepped in it.

    First episode of a six-week series on the gap between what you measure and what gets exploited.

    Full edition: signal.echocyber.io

    Take the Signal Score: echocyber.io/assessment

    6 min
  • Pulse 15: Your AI Has a Trust Model. You Didn't Write It.
    May 11 2026

    Your AI has a trust model. You didn't write it.

    Episode 15 is the audio cut of Pulse #15. Pillar Security disclosed a CVSS 10 in Google's Gemini CLI last month, an exploit chain that started with one public GitHub issue and ended with arbitrary code on the main branch of a Google repo. The same pattern showed up in eight other Google-maintained repos. Host Jane walks through why this isn't a coding flaw, why prompt injection understates what happened, and the question every security review of an AI tool should be asking but isn't: what is this agent authorized to trust, and did anyone define that before we deployed it?

    Featuring Bruce Schneier on trust as a design decision, and why the patch closed the vulnerability but not the governance gap.

    → Signal Score: echocyber.io/assessment

    → Newsletter: signal.echocyber.io

    Editorial: Mike Faas, fractional CTO/CISO at Echo Cyber. Voice by ElevenLabs.

    5 min
  • Pulse 14: 9 out of 10 SMBs have a compromised user right now
    May 4 2026

    The compromise isn't the event. It's the precondition.

    Episode 14 is the audio cut of Pulse #14. Guardz dropped a number this week that should have stopped every founder's morning: nine in ten SMBs have at least one compromised user account active right now. Not at risk. Active. Host Jane walks through why this isn't a tooling problem (most SMBs already own the tools), why prevention isn't the relevant conversation anymore, and the three detection questions every business owner should be able to answer in one sentence each.

    Plus: an Adobe Acrobat zero-day exploited for four months before disclosure, an AI coding agent that ran terraform destroy on a live production database, and why phishing simulations aren't the answer to the question the Guardz number is asking.

    → Signal Score: echocyber.io/assessment

    → Newsletter: signal.echocyber.io

    Editorial: Mike Faas, fractional CTO/CISO at Echo Cyber. Voice by ElevenLabs.

    7 min
  • Pulse 13: You Bought a Product. It's Running a Process You Never Designed.
    Apr 27 2026

    You bought a product. It's running a process you never designed.


    Episode 13 is the audio cut of Pulse #13 — Jim Langevin's decade-old line applied to the thing most boards are still debating. Host Jane walks through why AI coding agents aren't the tool your vendor sold you — they're an autonomous process with network egress, shell access, and more trust than any intern — and why nobody in your org can name the person accountable for what they do.


    Plus: ADT's third breach in two years (SSO vishing → Salesforce → ten million records), a new OAuth phishing toolkit that bypasses passkeys entirely, and why banning AI assistants is the worst move your board could make.


    → Signal Score: echocyber.io/assessment

    → Newsletter: signal.echocyber.io


    Editorial: Mike Faas, fractional CTO/CISO at Echo Cyber. Voice by ElevenLabs.

    6 min
  • Pulse 12: Your Identity Gap Is Actually Nine Problems
    Apr 21 2026

    Your Identity program isn't an Identity problem.

    NOTE: Episode numbering matches the Signal vs. Noise newsletter — this podcast launched when the newsletter was at Pulse #12. Audio episodes align one-to-one with newsletter issues.

    Episode 12 is the audio cut of Pulse #12 — the cascade argument applied to the one domain that drags nine others down with it.

    Host Jane walks through why weak identity quietly pulls AppSec, Incident Response, Compliance, and AI Governance into the same grave, why CrowdStrike's latest numbers — eighty-two percent malware-free, twenty-seven-second breakout — mean your perimeter is watching the wrong door, and why buying another IAM product makes the cascade worse, not better.


    This is the episode where the Signal Score goes live. Fifteen minutes. Free. It maps the cascade shape inside your own program.


    → Signal Score: echocyber.io/assessment

    → Newsletter: signal.echocyber.io


    Editorial: Mike Faas, fractional CTO/CISO at Echo Cyber. Voice by ElevenLabs.

    5 min
  • Pulse 0: The Cascade Problem
    Apr 20 2026

    Start here. Episode 0 is the orientation episode — five minutes that lays out the editorial spine for Signal vs. Noise.


    Security doesn't fail in silos. It fails in cascades. Host Jane walks through why most security failures trace back to leaders treating complex systems like complicated ones — and why the frameworks that decompose security into independent domains structurally hide the cascades that actually take programs down.


    Running order: the premise, the thesis, the show's cadence, and where to find the Signal Score assessment.


    → Signal Score (free, 15 minutes): echocyber.io/assessment

    → Newsletter: signal.echocyber.io

    → Website: echocyber.io


    Editorial: Mike Faas, fractional CTO/CISO at Echo Cyber. Voice by ElevenLabs.

    5 min