Silver Bullet Security Podcast

Welcome to the Silver Bullet Security Podcast, created and hosted by the Berryville Institute of Machine Learning, where we are defining the future of machine learning security.  From 2006-2018, we explored the nascent field of software security through the lens of building security in.  But today, the frontier has moved.  As we integrate machine learning into the fabric of our essential systems, we find ourselves facing a new set of architectural flaws and security challenges that traditional software security can’t touch.  On Silver Bullet, we’re shifting our focus to the security of machine learning—bringing the same deep-dive, “no silver bullet” philosophy to the world of AI.

To celebrate 10 straight years of the monthly Silver Bullet Security Podcast—120 months in a row—we’re flipping the mic. Marcus Ranum interviews me.

The name of the podcast is an inside joke reference to Fred Brook’s famous paper “No Silver Bullet — Essence and Accidents of Software Engineering.” There was once no silver bullet, now there is.

In its first iteration, the Silver Bullet Security Podcast with Gary McGraw was published once a month for thirteen and a half years.  The series started in April 2006 and ended in December 2018.  Below you can find a permanent archive of episodes.  The podcast features in-depth conversations I had with fellow security gurus.  Guests included technologists, academics, business people, authors, the press, and government officials.  Since its inception, episodes of Silver Bullet have been downloaded many millions of times.  On average, each episode has accumulated over 13,000 listeners.

• Episode 153: Gary McGraw, VP Security Technology, Synopsys, 12.28.18
• Episode 152: Elias Levy, Distinguished Engineer, Cisco, 11.21.18
• Episode 151: Meera Rao, Senior Principal Consultant, Synopsys, 10.30.18
• Episode 150: Filippo Valsorda, Cryptographic Engineer, Google, 9.26.18
• Episode 149: Brittany Postnikoff, Graduate Student, Waterloo, 8.30.18
• Episode 148: Gøran Breivik, CISO, Bergen (Norway), 7.30.18
• Episode 147: Kathleen Fisher, Chair, Tufts Department of Computer Science, 6.29.18
• Episode 146: Nicholas Weaver, Senior Staff Researcher, ICSI, 5.29.18
• Episode 145: Tanya Janka, Senior Cloud Advocate, Microsoft, 4.23.18
• Episode 144: Ron Gula, Co-founder, Gula Tech Adventures, 3.27.18
• Episode 143: Elena Kvochko, CIO, 2.26.18
• Episode 142: Craig Froelich, CISO, Bank of America, 1.17.18
• Episode 141: Bruce Potter, CISO, Expel, 12.28.17
• Episode 140: Adrienne Porter Felt, Senior Staff Software Engineer, Google, 11.30.17
• Episode 139: Matias Madou, co-founder and CTO of Secure Code Warrior, 10.31.17
• Episode 138: Nicole Perlroth, cyber security reporter for the New York Times, 9.29.17
• Episode 137: Wafaa Mamilli, CISO, Eli Lilly, 8.31.17
• Episode 136: Pavi Ramamurthy, Senior Information Security Manager, LinkedIn, 7.31.17
• Episode 135: Ksenia Dmitrieva-Peguero, Principal Consultant, Synopsys Software Integrity Group, 6.29.17
• Episode 134: Kelly Jackson Higgins, Executive Editor at DarkReading.com, 5.24.17
• Episode 133: Cheryl Biswas, Cyber Security Consultant, KPMG Canada, 4.27.17
• Episode 132: Chenxi Wang, founder of the Jane Bond Project, 3.29.17
• Episode 131: Kate Pearce, Senior Security Consultant, Cisco 2.28.17
• Episode 130: Jessy Irwin, Vice President of Security and Privacy at Mercury Public Affairs, 1.23.17
• Episode 129: Kelly Lum, Security Engineer, Spotify, 12.27.16
• Episode 128: Lesley Carhart, Principal Threat Hunter, Dragos, 11.29.16
• Episode 127: Marie Moe, Associate Professor, NTNU, 10.25.16
• Episode 126: Mike Pittenger, VP Security Strategy, Black Duck Software, 9.29.16
• Episode 125: Jim Manico, founder Manicode, 8.30.16
• Episode 124: Lance Cottrell, Chief Scientist, Ntrepid, 7.28.16
• Episode 123: Yanek Korff, co-founder and COO, Expel, 6.28.16
• Episode 122: David Nathans, Product Security Office, Siemens Healthcare, 5.31.16
• Episode 121: Marty Hellman, Emeritus Professor, Stanford, 4.26.16
• Episode 120: Silver Bullet Celebrates 10 Years! Marcus Ranum interviews Gary McGraw, 3.30.16
  • Video of Gary McGraw
• Episode 119: Jacob West, Chief Architect for Security Products at NetSuite, 2.29.16
• Episode 118: Jack Daniel, Tenable, 1.29.16
• Episode 117: Jamie Butler, CTO, Endgame, 12.22.15
• Episode 116: Doug Maughan, Division Director HSARPA, Department of Homeland Security, 11.30.15
• Episode 115: Peiter “mudge” Zatko, hacker, 10.28.15
• Episode 114: Peter “Pete” Clay, Chief Information Security Officer of Qlik, 9.29.15
• Episode 113: Chandu Ketkar, Principal Consultant, Cigital, 8.31.15
• Episode 112: Crypto Wars II with Steve Bellovin (Columbia) and Matt Green (Johns Hopkins), 7.23.15
• Episode 111: Marcus Ranum, Chief Security Officer of Tenable Network Security, 6.30.15
• Episode 110: Paul Dorey, CSO Confidential, 5.30.15
• Episode 109: Bart Preneel, Professor at Katholieke Universiteit Leuven, 4.22.15
• Episode 108: Katie Moussouris, Chief Policy Officer of HackerOne, 3.27.15
• Episode 107: Jean Camp, Professor at the Indiana University School of Informatics and Computing, 2.28.15
• Episode 106: Steve Katz, founder of Security Risk Solutions, 1.31.15
• Episode 105: Whitfield Diffie, Consulting Professor, Stanford, 12.31.14
• Episode 104:  Rick Gordon, Managing Partner at MACH37, 11.30.14
• Episode 103: Brian Krebs, reporter and blogger at Krebs on Security, 8.31.14
• Episode 102: Richard Danzig, one time Secretary of the Navy and Board member of the Center for New American Security, 9.17.14
• Episode 101: The IEEE Center for Secure Design with Jim Del Grosso (Synopsys), Yoshi Kohno (University of Washington), and Christoph Kern (Google), 8.26.14
• Episode 100: Roundtable discussion with the Cigital Principals, 7.23.14
  • Video of the Cigital Tech Fair Rountable
• Episode 099: Michael Hicks, Professor Computer Science at the University of Maryland, 6.30.14
• Episode 098: Bart Miller, Professor of Computer Sciences at the University of Wisconsin, 5.30.14
• Episode 097: Aaron Bedra, Software Security, Groupon, 4.30.14
• Episode 096: Nate Fick, CEO, Endgame, 3.31.14
• Episode 095:  Charlie Miller, Security Researcher, Twitter, 2.24.14
• Episode 094: Ming Chow, Assistant Professor of Computer Science, Tufts, 1.31.14
• Episode 093: Yoshi Kohno, Associate Professor of Computer Science and Engineering, University of Washington, 12.24.13
• Episode 092: Jon Callas, CTO, Silent Circle, 11.27.13
• Episode 091: Caroline Wong, Director of Security Initiatives, Cigital, 10.30.13
• Episode 090: Matthew Green, Assistant Research Professor, John Hopkins Information Security Institute, 9.30.13
• Episode 089: Mike Reiter, Lawrence M. Slifkin Distinguished Professor in the Department of Computer Science at the University of North Carolina at Chapel Hill, 8.31.13
• Episode 088: Christian Collberg, Associate Professor of Computer Science, University of Arizona, 7.31.13
• Episode 087: James Walden, Associate Professor or Computer Science, Northern Kentucky University, 6.30.13
• Episode 086: Wenyuan Xu,  Associate Professor in the Department of Computer Science and Engineering, University of South Carolina, 5.31.13
• Episode 085: Special episode on Mobile Security with Jim Routh and Scott Matsumoto, 4.30.13
• Episode 084: Hord Tipton, Executive Director, ISC2, 3.31.13
• Episode 083: Mark Graff, CISO, NASDAQ, 2.28.13
• Episode 082: Kevin Fu, Associate Professor of Electrical Engineering and Computer Science, University of Michigan, 1.18.13
• Episode 081: Steve Bellovin, Professor of Computer Science, Columbia, 12.26.12
• Episode 080: Thomas Rid, Reader in War Studies at King’s College London, 11.30.12
• Episode 079: Per-Olof Persson (a.k.a. Peo), head of Global Software Security Operations at Sony Mobile and Board member of Sony Corporation, 10.24.12
• Episode 078: Jacob West, Director, Software Security Research for the Enterprise Security Products division of Hewlett-Packard, 9.30.12
• Episode 077: Gary Warzala, CISO of Visa International, 8.28.12
• Episode 076: David Evans, Professor of Computer Science, University of Virginia, 7.27.12
• Episode 075: Howard Schmidt, retired White House Cyber Security Czar, 6.30.12
  • Video of Howard Schmidt
• Episode 074: Bruce Schneier, Chief Security Technology Officer, BT, 5.30.12
• Episode 073: Robert Vamosi, Senior Analyst, Mocana, 4.3o.12
• Episode 072: Randy Sabett, Zwillgen, 3.30.12
• Episode 071: Bill Arbaugh, Associate Professor of Computer Science at the University of Maryland, 2.29.12
• Episode 070: Ross Anderson, Professor of Security Engineering at the Computer Laboratory at Cambridge University, 1.31.12
• Episode 069: Steve Myers, Assistant Professor of Informatics and Computing in the School of Informatics at Indiana University, 12.29.11
• Episode 068: John Steven, Principal Consultant, Cigital, 11.30.11
• Episode 067: Bill Pugh, professor at the University of Maryland College Park, 10.28.11
• Episode 066: Shari Lawrence Pfleeger, Director of Research for the Institute for Information Infrastructure Protection at Dartmouth College, 9.29.11
• Episode 065: Giovanni Vigna, professor of Computer Science at UC Santa Barbara, 8.29.11
• Episode 064: Markus Schumacher, co-founder and CEO of Virtual Forge, 7.29.11
• Episode 063: Craig Miller, principal at the MAPA Group, 6.28.11
• Episode 062: Halvar Flake (a.k.a. Thomas Dullien), founder of Zynamics, 5.31.11
• Episode 061: Carl Landwehr, Director of Trustworthy Computing at the National Science Foundation and a Senior Research Scientist at the Institute for Systems Research within the University of Maryland, 4.28.11
• Episode 060: Neil Daswani, CTO and co-founder of Dasient, 3.30.11
• Episode 059: Ralph Langner, Founder and CEO of Langner Communications, 2.25.11
• Episode 058: John Savage, professor of Computer Science at Brown University and Jefferson Science Fellow for the State Department, 1.24.11
• Episode 057: Elinor Mills, senior writer at CNET’s news.com, 12.23.10
• Episode 056: Sammy Migues, Principal Consultant, Cigital, 11.30.10
• Episode 055: Deborah Frincke, Chief Scientist, Cybersecurity at Pacific Northwest National Laboratory, 10.29.10
• Episode 054: Marc Donner, engineering director for Google Health and Google Finance, 9.27.10
• Episode 053: Richard Bejtlich, Director of Incident Response for General Electric and Principal Technologist for GE’s Global Infrastructure Services, 8.23.10
• Episode 052: Paul Kocher, President and Chief Scientist of Cryptography Research, 7.21.10
• Episode 051: Anup Ghosh, founder and CEO, Invincea, 6.25.10
• Episode 050: Richard Clarke, internationally-recognized expert on security, 5.31.10
  • Video (1/4) of Richard Clarke
  • Video (2/4) of Richard Clarke
  • Video (3/4) of Richard Clarke
  • Video (4/4) of Richard Clarke
• Episode 049: Ivan Arce, co-founder and CTO of Core Security Technologies, 4.30.10
• Episode 048: Andrew Jaquith, senior analyst at Forrester, 3.25.10
• Episode 047:  Greg Morrisett, Professor of Computer Science at Cornell, 2.28.10
• Episode 046: David Rice, Apple, 1.27.10
• Episode 045: Lorrie Cranor, Associate Professor of Computer Science and Engineering and Public Policy at Carnegie Melon University, 12.18.09
• Episode 044: Steve Kent, Chief Scientist – Information Security, for BBN Technologies, 11.25.09
• Episode 043: Christofer Hoff, Director of Cloud and Virtualization Solutions at Cisco, 10.21.09
• Episode 042: Gillian Hayes, Assistant Professor in Informatics at the Bren School of Information and Computer Sciences at UC Irvine, 9.25.09
• Episode 041: Fred Schneider, Samuel B. Eckert Professor of Computer Science at Cornell University, 8.21.09
• Episode 040: Bob Blakley, VP and research director of The Burton Group, 7.17.09
• Episode 039: Matt Blaze, Associate Professor of Computer and Information Science at the University of Pennsylvania, 6.17.09
• Episode 038: Kay Connelly, Associate Professor of Computer Science at Indiana University and Senior Associate Director of IU’s Center for Applied Cybersecurity Research, 5.19.09
• Episode 037: Virgil Gligor, Professor at Carnegie Mellon University in the Department of Electrical and Computer Engineering and co-director of CyLab, 4.21.09
• Episode 036: Gary McGraw, CTO of Cigital, 3.18.09
• Episode 035: Daniel Suarez, author of Daemon, 2.23.09
• Episode 034: Bill Brenner, senior editor at CSO Online and CSO Magazine, 1.14.09
• Episode 033: Laurie Williams, Associate Professor of Computer Science at North Carolina State University, 12.22.08
• Episode 032: Jeremiah Grossman, Chief Technology Officer of WhiteHat Security, 11.13.08
• Episode 031: Matt Bishop, professor of Computer Science at UC Davis, 10.20.08
• Episode 030: Ken van Wyk, principal and founder of KRvW Associates, 9.26.08
• Episode 029: Dennis Fisher, executive editor of the Security Media Group at TechTarget, 8.18.08
• Episode 028: Bill Cheswick, lead member of technical staff at AT&T Research, 7.15.08
• Episode 027: Gunnar Peterson, Managing Principal at Arctec Group, 6.18.08
• Episode 026: Adam Shostack, Microsoft, 5.15.08
• Episode 025: Jon Swartz, USA Today, 4.18.08
• Episode 024: Mary Ann Davidson, Chief Security Officer of Oracle, 3.14.08
• Episode 023: Chris Wysopal, founder and CTO of Veracode, 2.19.08
• Episode 022: Ed Amoroso, Chief Information Security Officer of AT&T, 1.23.08
• Episode 021: Panel discussion with the Cigital Principals, 12.21.07
• Episode 020: Markus Jakobsson, Associate Professor of Informatics and associate director of the Center for Applied Cybersecurity Research at Indiana University, 11.16.07
• Episode 019: Mikko Hyppönen, Chief Research Officer at F-Secure, 10.18.07
• Episode 018: Eugene “spaf” Spafford, Professor of Computer Science and Electrical and Computer Engineering at Purdue University and executive director of the Center for Education and Research in Information Assurance and Security (CERIAS), 9.25.07
• Episode 017: Eric Cole, CEO of Secure Anchor, 8.24.07
• Episode 016: Greg Hoglund, CEO of HBGary, 7.12.07
• Episode 015: Annie Antón, Associate Professor of Software Engineering at North Carolina State University, 6.19.07
• Episode 014: Peter Neumann, Principal Scientist at the SRI Computer Science Laboratory, 5.22.07
• Episode 013: Ross Anderson, Professor of Security Engineering at the Computer Laboratory at Cambridge University, 4.13.07
• Episode 012:  Becky Bace, Advisor to Trident Capital, 3.13.07
• Episode 011: Dorothy Denning, Professor in the Department of Defense Analysis at the Naval Postgraduate School, 2.15.07
• Episode 010: The Fortify Software Technical Advisory Board, 1.22.07
• Episode 009: Bruce Schneier, founder and CTO of Counterpane , 12.14.06
• Episode 008: Brian Chess, co-founder and chief scientist of Fortify Software, 11.17.06
• Episode 007: John Stewart, Cisco Chief Security Officer, 10.25.06
• Episode 006: Michael Howard, the Senior Security Program Manager of Microsoft’s Security Technology Unit, 9.28.06
• Episode 005: Ed Felten, Professor of Computer Science and Public Affairs at Princeton University and the Director of the Center for Information Technology Policy, 8.28.06
• Episode 004: Dana Epp, CEO and founder of Scorpion Software, 7.31.06
• Episode 003: Marcus Ranum, security guru and inventor of the firewall, 6.14.06
• Episode 002: Dan Geer, Chief Scientist at Verdasys, 5.12.06
• Episode 001: Avi Rubin, professor of computer science and technical director of the information security institute at Johns Hopkins University, 4.19.06