The 25 Best Cyber Security Podcasts (2026)

Hackers are out there being terrifyingly creative, and these podcasts explain exactly how. Breaches, vulnerabilities, threat intelligence, and the people trying to keep the internet from falling apart. Genuinely fascinating even if you're not in infosec.

Darknet Diaries
Jack Rhysider makes Darknet Diaries mostly by himself, and that fact becomes more impressive the longer you listen. Every episode is a narrative-driven story about hackers, cybercrime, digital espionage, or internet subcultures, researched and told with the care of a well-produced documentary series. Rhysider interviews the people involved -- sometimes the hackers themselves, sometimes the investigators who chased them, sometimes the victims -- and weaves their accounts into tight, suspenseful episodes that run 60 to 90 minutes.
The topics are wild. A teenager who accidentally built one of the biggest botnets ever seen. A corporate penetration tester who talked her way into a bank vault. The inside story of the Stuxnet worm. A Nigerian scammer who had a sudden change of heart. Rhysider has a calm, direct delivery that lets the stories do the heavy lifting, and he never assumes technical knowledge -- if something needs explaining, he explains it in plain English without being condescending about it.
Darknet Diaries started in 2017 and has steadily built a passionate audience. With over 150 episodes and a 4.8-star rating from more than 33,000 reviews, it is one of the most respected independent podcasts on the internet. The production quality rivals shows with full teams behind them -- sound design, music, scripting, everything is polished.
For car rides, the longer episodes are a gift. A 75-minute commute or a solo road trip is the natural home for this show. The stories are linear and well-paced, so you can follow along while driving without needing to rewind. Even non-technical listeners get hooked quickly, and you will find yourself looking for excuses to stay in the car just to hear how the episode ends.

CyberWire Daily
If you work in cybersecurity and only have time for one daily news podcast, CyberWire Daily is the one. Hosted by Dave Bittner, this weekday show from N2K Networks packs the day's most important security news into digestible episodes that typically run 20 to 30 minutes. Bittner has a broadcast journalist's delivery — polished, authoritative, but never stuffy — and he moves through headlines at a pace that respects your time.
The show has been running since 2016 and has racked up over 2,000 episodes. Each one follows a consistent structure: a rapid-fire rundown of the day's top cyber stories, followed by a deeper segment that might be an expert interview, a research breakdown, or a career-focused discussion. The recurring segments keep things fresh — Research Saturday brings on analysts to dissect new threat intelligence, while Career Notes profiles professionals at different stages of their security careers.
N2K Networks built a whole ecosystem around this show, and it shows. The sourcing is solid, the analysis is measured, and Bittner knows how to ask the right follow-up questions when talking to guests. Some listeners mention the ads can pile up, which is fair, but the content between them is consistently strong. With a 4.8 star rating from over a thousand reviews, CyberWire Daily has earned its reputation as the morning briefing that security teams actually trust. It is essentially the Reuters of cybersecurity podcasting.

Risky Business
Patrick Gray launched Risky Business back in 2007, and it has become one of the most respected voices in infosec media. Alongside co-host Adam Boileau, Gray delivers weekly episodes that run about 50 to 60 minutes and manage to be both deeply informative and genuinely entertaining. The show bills itself as "a security podcast without the waffle" and that is an accurate description.
Each episode follows a loose but effective format. Gray and Boileau kick things off with a news discussion segment where they riff on the week's biggest security stories. Their chemistry is natural — they have been doing this long enough that the banter flows without feeling forced. After the news block, the show typically moves into sponsored interview segments where vendors and researchers get to talk about their work in substantive, non-salesy conversations.
What makes Risky Business stand apart is its editorial voice. Gray is an Australian journalist by training, and it shows. He asks pointed questions, pushes back on hype, and is not afraid to call out bad takes in the industry. The show assumes its audience knows the basics, so you will not hear 101-level explainers here. This is a podcast made by security people, for security people. It has maintained a 4.6 star rating across nearly 370 reviews, with listeners consistently praising the depth of coverage and the hosts' willingness to have actual opinions. If you already work in the field and want a smart weekly roundup, this is your show.

Smashing Security
Graham Cluley and Carole Theriault bring something rare to cybersecurity podcasting: genuine humor that does not come at the expense of substance. Smashing Security drops weekly on Wednesdays, and over 460 episodes since 2017, the duo has built a loyal following by treating even the most alarming security news with a light touch and sharp wit. The show won best cybersecurity podcast awards in 2018, 2019, 2022, 2023, and 2024, and it is easy to hear why.
The format is conversational. Cluley and Theriault pick two or three stories each week — data breaches, scam operations, privacy blunders, corporate security fails — and discuss them like two old friends catching up over coffee. They frequently bring on guests too, and the guest list has included names like Garry Kasparov and Mikko Hypponen, which gives you a sense of the show's reach.
Cluley is a cybersecurity industry veteran who has been writing about viruses and hacking since the early 1990s, and Theriault brings years of experience as a security researcher and journalist. Together they make dense topics accessible without oversimplifying. Episodes run about 45 minutes to an hour, and the production is clean. With over 10 million downloads and a 4.5 star rating, Smashing Security proves that cybersecurity does not have to be dry or intimidating. A premium tier offers early access and ad-free episodes for those who want the full experience.

Security Now
Steve Gibson and Leo Laporte have been hosting Security Now together since 2005, making it one of the longest-running cybersecurity shows in existence. Every Tuesday, Gibson brings his encyclopedic knowledge of computer security to the TWiT network, breaking down the week's vulnerabilities, exploits, and patches in a level of technical detail you will not find on most other security podcasts.
Gibson is a programmer and security researcher who created the first spyware detection tool (OptOut) back in the early 2000s. He has a gift for explaining complex technical concepts in a way that is thorough without being impenetrable. Leo Laporte plays the role of informed audience surrogate — asking the right questions, keeping the conversation grounded, and occasionally steering Gibson back when he goes deep into the weeds (which happens regularly, and fans love it).
Episodes record live on Tuesdays at 4:30 PM Eastern and typically run over an hour. The show covers specific CVEs, patches from Microsoft and others, encryption news, protocol-level security topics, and broader trends like AI-generated malware and supply chain attacks. Nearly 2,000 people have rated it on Apple Podcasts, giving it a solid 4.6 stars. The show skews technical — if you want to understand how a vulnerability actually works at the code level, this is your podcast. Gibson's methodical approach and genuine passion for security are what keep listeners coming back after two decades.

Malicious Life
Ran Levi created Malicious Life to answer a question most security podcasts ignore: how did we get here? Over 265 episodes produced between 2017 and 2024, the show told the stories behind the history of cybersecurity — the early viruses, the hacker groups, the zero-days that changed everything. Each episode plays out like a mini-documentary, with Levi narrating and weaving in commentary from the actual people involved: hackers, security researchers, journalists, and government officials.
The production was sponsored by Cybereason, which gave the show resources for solid research and clean audio. Levi's narration style is measured and precise, with an Israeli accent that gives the show a distinctive character. He covered topics like the rise and fall of Anonymous, APT-10's operations against Western corporations, and the Weev saga, always with enough context that you understand the broader implications of each story.
One thing to know: this show appears to have stopped producing new episodes in 2024. The back catalog is still available and absolutely worth working through — 265 episodes of cybersecurity history told well is a resource that does not go stale easily. The show holds a 4.8 rating from over 900 reviews on Apple Podcasts, and listener comments still pop up asking Levi to come back. If you enjoy narrative-driven shows like Darknet Diaries and want something more focused on historical context, Malicious Life is a fantastic companion piece. Just know you are listening to a completed library rather than an ongoing series.

Hacking Humans
Dave Bittner and Joe Carrigan team up weekly on Hacking Humans to focus on something most security podcasts only touch on in passing: the human side of cybercrime. Social engineering, phishing, scams, manipulation tactics — this show from N2K Networks (the same team behind CyberWire Daily) is entirely dedicated to how attackers exploit people rather than code.
The format is relaxed and conversational. Bittner and Carrigan have an easy rapport — Bittner brings his journalist background and Carrigan provides the technical perspective from his work at Johns Hopkins. They break down real-world scam attempts, dissect phishing campaigns, and explain the psychology behind why these attacks actually work. Maria Varmazis also joins regularly, adding another voice to the mix.
One of the show's best features is "Catch of the Day," where listeners submit scam emails, texts, and calls they have received, and the hosts break them down. It turns audience participation into genuinely useful education. The show also runs "Only Malware in the Building" bonus episodes monthly, featuring guest experts like Selena Larson from Proofpoint. With 746 episodes and counting, a 4.6 star rating, and a focus that fills a real gap in security podcasting, Hacking Humans is a smart pick for anyone who deals with security awareness or just wants to stop falling for phishing emails.

Cybersecurity Today
Jim Love runs a tight ship with Cybersecurity Today. This daily podcast delivers quick, no-nonsense updates on the latest threats, breaches, and vulnerabilities hitting businesses around the world. Episodes usually land around 10 to 20 minutes, which makes it easy to squeeze into a morning commute or a coffee break. Love's style is straightforward and reportorial — he gets to the point fast.
The show started in 2018 as part of the ITWC (IT World Canada) media group, and it has grown into one of the top cybersecurity news podcasts globally, ranking in the top 0.5% of all podcasts. Love typically handles the daily briefings solo, summarizing the most important stories with enough detail that you understand what happened and why it matters. On certain episodes, he brings in co-hosts like David Shipley or guest panelists for longer discussions, particularly on weekly roundup shows.
The Canadian perspective is a nice differentiator. While most cybersecurity news pods are US-centric, Cybersecurity Today regularly covers stories from Canadian organizations, government agencies, and regulatory developments alongside the global headlines. Episodes come with detailed show notes, so if something catches your ear you can follow up quickly. It holds a 4.5 star rating from 183 reviews. If you need a daily cybersecurity briefing that respects your time and covers the world beyond just American news, this is a strong choice.

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
If five minutes is all you have, SANS Stormcast is the most efficient cybersecurity podcast out there. Johannes Ullrich, the dean of research at SANS Technology Institute, records a brief daily episode every weekday morning covering the most critical security events from the previous 24 hours. No fluff, no sponsors, no extended interviews — just a tightly curated summary of what matters.
Ullrich has been doing this since 2009, and the show has accumulated roughly 2,000 episodes. Each one follows the same formula: he picks three to five stories from the SANS Internet Storm Center's monitoring feeds and diary entries, explains what is happening, and tells you what to watch for. The companion website at isc.sans.edu includes detailed write-ups and links for every story mentioned, so you can dig deeper on anything that catches your attention.
The show is published under a Creative Commons license, which tells you something about its ethos — this is a public service, not a commercial venture. Ullrich's delivery is dry and efficient, more professor than entertainer, and that is exactly what the audience wants. Security operations teams use it as a daily briefing tool, and multiple reviewers describe it as required listening for their SOC staff. It holds an impressive 4.9 rating from 674 reviews. If you work in a security operations center or just want a fast, reliable daily security update from someone with serious credentials, Stormcast delivers more value per minute than anything else in the space.

Cybersecurity Headlines
CISO Series built Cybersecurity Headlines as the shortest possible path between you and the day's most important security news. The daily episodes clock in at about five to seven minutes — you get the headlines, a brief bit of context for each, and you are done. On Fridays, the show expands into a 20 to 30 minute weekly recap with guest commentary from security leaders and analysts.
The show has cranked out over 1,700 episodes since launching in 2020, which is a remarkable pace. The format is clean and consistent: a host reads through a curated list of the day's stories, from major breaches and vulnerability disclosures to regulatory changes and industry mergers. The weekly roundup episodes bring in contributors like former CISOs and field CTOs who add perspective that the daily briefings cannot fit.
What makes Cybersecurity Headlines work well alongside a show like CyberWire Daily or SANS Stormcast is its CISO-level framing. The stories are chosen and contextualized for people who make security decisions at organizations — it is less about the technical nuts and bolts and more about what matters from a business risk standpoint. The show is part of the broader CISO Series network, which includes multiple podcasts focused on security leadership. It holds a 4.7 rating from 135 reviews. If you are a security leader who wants a quick daily scan of the news without committing to a longer show, this fits the bill.

7 Minute Security
Brian Johnson started 7 Minute Security as exactly what the name promises — short, punchy episodes about information security. Over 700 episodes and more than a decade later, the show has grown beyond its original time constraint, but it keeps the spirit of being accessible and practical. Johnson is a penetration tester by trade, and that hands-on experience shapes every episode.
The format varies more than most security podcasts. Some weeks you get solo episodes where Johnson walks through a tool or technique he is using on actual engagements. Other times, he tells stories from real penetration tests in his "Tales of Pentest Pwnage" and "Tales of Pentest Fail" series, which are both educational and genuinely entertaining. He also does interviews with other security professionals and occasional deep dives on blue team defense topics.
Johnson's style is casual and self-deprecating in a way that makes even technical content approachable. He does not pretend to know everything, and he is happy to share his failures alongside his successes. The show has a companion community at 7MinSec.club where listeners can connect and discuss topics further. He also offers training courses, including a pentest lab environment called LPLITE:GOAD. Episodes release biweekly now, with a 4.7 rating from 70 reviews. If you are a penetration tester or aspiring to be one, this podcast feels like getting mentored by a friend who happens to break into networks for a living.

Defensive Security Podcast
Jerry Bell and Andrew Kalat have been recording the Defensive Security Podcast since 2012, making it one of the more veteran shows in the cybersecurity space. The two hosts are both working security professionals — Bell is a security leader and Kalat brings years of hands-on experience — and that real-world grounding comes through in every episode. They release new shows biweekly, running through 338 episodes so far.
The premise is focused and practical: take the week's biggest security breaches, malware campaigns, and data incidents, then break down what went wrong and what defenders can learn from each one. Bell and Kalat approach every story with a pragmatic mindset. They are not interested in fear-mongering or hype — they want to know what the actual lessons are and how organizations can apply them. Listeners frequently point to their balanced, measured analysis as the show's biggest strength.
The tone sits somewhere between professional and casual. There is enough snark and humor to keep things from feeling like a corporate webinar, but the substance never gets lost. These are two guys who have been in the trenches of incident response and security operations, and they talk about the news the way colleagues would over lunch — informed, opinionated, but grounded. The show holds a 4.7 rating from 368 reviews. If you are a blue team professional or security operations manager looking for a podcast that speaks your language without talking down to you, the Defensive Security Podcast is a reliable pick.

Reduce Cyber Risk Podcast
Shon Gerber brings over 23 years of cybersecurity experience across corporate, government, and academic settings to the Reduce Cyber Risk Podcast, and he uses every bit of it. This weekly show is aimed squarely at security leaders and professionals who want practical, actionable guidance — not just headlines. Gerber works as a virtual CISO and consultant, and the podcast reflects that advisory mindset.
Episodes are mostly solo commentary where Gerber breaks down a specific security topic: insider threat management, operational technology security, compliance frameworks, risk assessments, or building a security awareness program from scratch. He occasionally brings in guests for vendor-focused or topic-specific interviews, but the heart of the show is Gerber walking through real-world scenarios and explaining what works and what does not. He also runs a CISSP exam preparation series, which has become a popular recurring segment.
The show launched in 2023 and has already published 193 episodes, which shows serious commitment to a consistent release schedule. Gerber's delivery is educational and direct — think experienced consultant giving you a briefing rather than a polished media personality. The focus on small and medium businesses sets this apart from many security podcasts that assume a large enterprise context. If you are a CISO at a mid-sized company, a security consultant, or someone studying for their CISSP, this podcast speaks directly to your daily reality. It is still building its audience (no Apple Podcasts ratings yet), but the content is solid and the practical focus fills a real need.

Cyber Security Weekly Podcast
MySecurity Media produces the Cyber Security Weekly Podcast with a noticeably different angle than most shows in this space. Rather than focusing purely on technical threats, the show covers the intersection of cybersecurity with business strategy, government policy, and physical security. Since 2017, they have released over 450 episodes featuring interviews with executives, law enforcement officials, government representatives, and security researchers from around the world.
The format is interview-driven, often recorded as video episodes at industry events and conferences. Recent content includes conversations from events like the World Police Summit and Zenith Live, featuring discussions with people like police colonels from ASEANAPOL and CTOs from major security vendors. The perspective tends to be more Asia-Pacific focused than your typical US-centric security podcast, with regular coverage of Australian and Southeast Asian cybersecurity developments.
Episodes run about 20 minutes on average and release roughly three times per week. Topics range from zero trust architecture and agentic AI risks to biometric technology and international cybersecurity cooperation. The show's strength is its access to a wide range of voices you would not normally hear on other security podcasts — policymakers, diplomats, and law enforcement leaders alongside the usual vendor and analyst crowd. It holds a 3.9 rating from 19 reviews on Apple Podcasts. If your work involves security policy, risk management at a government level, or you just want perspectives beyond the Silicon Valley bubble, this show offers something most competitors do not.

The Cyber Security Podcast from PwC UK
PwC UK produced this limited-run podcast across four seasons between 2017 and 2023, delivering 23 episodes focused on enterprise cybersecurity from a consulting and business strategy perspective. The show featured rotating hosts — Chloe Seaton took the lead for the later seasons, with Abigail Wilson hosting earlier runs — interviewing guests from organizations like Virgin Atlantic, the Irish Health Service Executive, and Google Cloud alongside PwC's own cybersecurity leadership.
The format is straightforward professional interviews, typically running 10 to 45 minutes per episode. Topics covered include ransomware resilience planning, CISO career development, threat intelligence operations, regulatory compliance, and operational technology security. The conversations tend to be more strategic than technical — this is a show produced by a Big Four firm, and it sounds like one. The guests bring real-world case studies and the discussions stay focused on practical business outcomes.
This show has not released new episodes since March 2023, so it appears to be concluded. The existing 23 episodes still hold up as a solid resource, particularly the later seasons which address topics like post-pandemic security strategies and emerging threats. It has a perfect 5.0 rating on Apple Podcasts, though that comes from just two reviews. If you are a security leader who appreciates the consulting firm perspective on risk management and wants concise, professional conversations about enterprise cyber strategy, the back catalog is worth exploring. Just set your expectations that this is a completed library, not an active feed.

Click Here
Click Here started life as a joint project between NPR and Recorded Future, and it has grown into one of the most polished investigative cybersecurity shows around. Host Dina Temple-Raston brings her years of NPR reporting chops to stories about ransomware gangs, nation-state hackers, and the people caught in the crossfire. With over 320 episodes and a 4.6-star rating from hundreds of listeners, the show has clearly found its audience.
What sets Click Here apart is its narrative approach. Instead of rattling off headlines, each episode builds a story arc. You might follow a ransomware negotiation from first contact to resolution, or trace how a single vulnerability rippled through an entire industry. Temple-Raston interviews the actual analysts, victims, and sometimes even the attackers involved. The production quality is excellent -- tight editing, clear audio, and a pace that respects your time without rushing.
The show skips heavy jargon in favor of making complex operations understandable. That does not mean it is surface-level, though. Episodes regularly get into attribution challenges, intelligence tradecraft, and the messy politics behind cyber operations. It is backed by Recorded Future's threat intelligence team, which gives the reporting an extra layer of sourcing most podcasts simply cannot match. If you want cybersecurity journalism that reads like a good longform article, this is it.

Microsoft Threat Intelligence Podcast
Microsoft's threat intelligence team spends its days tracking APT groups, zero-days, and cybercrime operations across a staggeringly large attack surface. This podcast lets you listen in on those conversations. Hosted by Sherrod DeGrippo, who previously led threat research at Proofpoint, the show brings on Microsoft security researchers to break down what they are actually seeing in the wild.
Now in its third season with 64 episodes, it runs biweekly and holds a perfect 5.0 rating on Apple Podcasts (though from a smaller review pool of 23). Episodes range from around 25 minutes to over an hour, depending on how deep the topic goes. Recent coverage has included AI-powered attack techniques, ransomware targeting financial services, threats to power grid infrastructure, and the ethics of responsible disclosure.
DeGrippo is a sharp interviewer who knows when to push for specifics. The guests are not marketing people reading talking points -- they are the analysts who named the threat groups and wrote the technical reports. You get details about TTPs, infrastructure patterns, and attribution reasoning that you would normally only find buried in a PDF threat report. The Microsoft branding might make you expect a sales pitch, but the show stays focused on the intelligence side. It is one of the better sources for understanding how a major defender sees the threat environment right now.

Daily Cyber Threat Brief
Gerald Auger runs the Simply Cyber brand, and this daily podcast is the centerpiece. Every weekday morning at 8 AM Eastern, he drops a new episode covering the cybersecurity stories that broke overnight. With nearly 1,000 episodes in the archive, the man is nothing if not consistent.
Auger holds a Ph.D. and has over 20 years of experience in GRC (governance, risk, and compliance), which gives his analysis a practical business angle that pure technical shows often miss. He connects individual vulnerabilities and breaches to broader organizational risk -- why a particular CVE matters for your compliance posture, or how a supply chain attack changes the conversation with your board. The episodes also stream live, so there is a community element where listeners can ask questions in real time.
Fair warning: episodes run about 90 minutes, which is a big commitment for a daily show. Some listeners have also noted inconsistent audio levels between episodes. But if you want a morning briefing that goes beyond headlines into actual analysis, and you appreciate a host who genuinely enjoys teaching, this show delivers. Auger has built a loyal following in the GRC and career-transition crowd especially, since he frequently ties security news back to professional development and certifications. The 4.6-star rating from regular listeners reflects that steady value.

Hacker Valley Studio
Ron Eddings and Chris Cochran created Hacker Valley Studio in 2019 with a simple pitch: cybersecurity does not have to feel like a slog. They call their approach cybertainment, and after 415 episodes that blend security topics with career advice and personal growth, the formula clearly works. The show holds a 4.7-star rating from 60 reviews and maintains an active Discord community.
Each weekly episode typically features an industry guest -- sometimes a CISO sharing leadership lessons, sometimes a penetration tester walking through a recent engagement, sometimes a founder explaining how they built a security product. The hosts keep things conversational and upbeat without losing substance. They are genuinely curious interviewers who let guests tell their stories rather than firing off scripted questions.
What makes Hacker Valley distinct from most cybersecurity pods is its emphasis on the human side. Episodes regularly cover burnout, impostor syndrome, career pivots into security, and how to build teams that actually function well. Recent episodes have leaned heavily into AI security and autonomous agent risks, but the show always circles back to the people doing the work. If you are early in your security career or feeling stuck in a rut, this one is particularly worth your time. The production quality is solid, the energy is high, and the hosts make you feel like you are part of something bigger than just another tech podcast.

CISO Series Podcast
If you have ever wondered how security leaders actually make decisions -- the real budget fights, vendor negotiations, and risk trade-offs that happen behind closed doors -- this is the show. David Spark produces and hosts alongside co-hosts Mike Johnson and Andy Ellis, both former CISOs who bring years of operational experience to every conversation. With 395 episodes since 2018 and a 4.8-star rating from 191 reviews, it is one of the highest-rated cybersecurity podcasts on Apple.
The format is structured but never stiff. Recurring segments like the What's Worse scenario present impossible security dilemmas that force guests to reason through competing priorities out loud. 10 Second Security delivers rapid-fire tips. Guest CISOs from companies across different industries join regularly, which keeps the perspectives fresh and prevents the show from becoming an echo chamber.
Episodes run 38 to 45 minutes and come out weekly. The tone sits in a sweet spot between professional and relaxed -- Spark has a media background and knows how to keep a conversation moving, while Johnson and Ellis push back on vague answers with specific follow-ups. This is not a podcast about the latest CVE or malware variant. It is about governance, organizational dynamics, and the messy reality of running a security program. Vendors and sales engineers also listen in large numbers, since the show regularly addresses the buyer-seller relationship in security. That cross-audience appeal is part of what makes it work so well.

Control Loop: The OT Cybersecurity Podcast
Control Loop zeroes in on a corner of security most shows skim past: the operational technology running power grids, water plants, oil refineries, and factory floors. Hosted by Dino Busalachi and produced by N2K Networks (the team behind CyberWire), the show pairs industry veterans with ICS engineers, CISOs, and researchers who actually babysit PLCs for a living. Episodes alternate between a news roundup covering the latest ICS-CERT advisories and longer interviews that unpack ransomware hitting manufacturers, the messy overlap between IT and OT teams, and why patching a turbine controller is nothing like patching a laptop.
The tone stays practical and unhurried. Guests talk about asset inventory headaches, how to segment networks without taking down production, and what actually happens during an incident response at a plant running twenty-year-old Siemens gear. Recent episodes have covered Volt Typhoon activity, CISA's performance goals for critical infrastructure, and the slow drip of vulnerabilities in building automation systems.
If you work in ICS, manage a SOC that's suddenly inherited OT responsibility, or just want to understand why people who secure factories lose sleep at night, Control Loop is one of the few shows built specifically for you. Short enough to finish on a commute, meaty enough to leave you with actual homework.

Unlocked 403 | Cybersecurity Podcast
Unlocked 403 is ESET's attempt to make real cybersecurity research accessible without dumbing it down. Host Alejandro Hernandez pulls researchers from ESET's global malware labs into conversations about the campaigns they actually tracked this month: nation-state APTs, banking trojans, mobile spyware, and the occasional oddball threat nobody saw coming. The show's strength is its access. Guests include the people who reverse-engineered BlackLotus, tracked Lazarus Group across Linux and macOS, or spent months pulling apart a single piece of Russian wiper malware. They bring screenshots, IOCs, and the kind of technical detail you normally only get at a conference talk. Episodes typically run 30 to 45 minutes and lean heavily on plain-language explanations so you can follow along even if you've never opened IDA Pro. Recent topics have covered AI-generated phishing kits, supply-chain compromises in open-source packages, and how deepfake audio is starting to show up in business email compromise scams. There's a refreshing lack of vendor pitching. ESET clearly uses the show to demonstrate expertise rather than sell products, which means you get honest takes on what's working in detection, what's not, and where attackers are moving next. A solid listen for blue teamers, threat hunters, and anyone who wants the view from inside a working research lab.

The Tripwire Cybersecurity Podcast
Tripwire has been around since the file-integrity-monitoring days of the late 1990s, and their podcast carries that same no-nonsense engineering DNA. Hosts Tim Erlin and Tyler Reguly bring on practitioners, policy folks, and the occasional academic to talk about the workaday problems of running a security program: compliance audits that nobody enjoys, vulnerability management when you have 40,000 assets, and how to actually use MITRE ATT&CK without turning it into a checkbox exercise. Episodes tend to be tight, usually under 40 minutes, and the conversation stays grounded. You won't hear much hype about AI changing everything. Instead you get honest discussions about PCI DSS 4.0, the practical limits of EDR, and what happens when your CIS benchmark scan turns up thousands of drift findings on production servers. Recent guests have covered ransomware negotiation, ICS security in water utilities, and the ongoing mess that is software bill of materials adoption. The show is particularly strong for anyone working in regulated environments, federal systems, or large enterprises where change control matters as much as detection. It's the kind of podcast you put on while you're actually triaging alerts, because it meets you where the work lives rather than trying to sell you the next shiny platform.

Risk and Reels: A Cybersecurity Podcast
Jeffrey Wheatman spent years as a Gartner analyst telling CISOs uncomfortable truths about their security programs, and Risk and Reels is basically that job without the NDA. Each episode pairs a cybersecurity topic with a movie reference, which sounds gimmicky until you realize the film framing actually helps make board-level risk conversations stick. An episode about insider threat might open with Office Space; one on supply-chain attacks borrows from Ocean's Eleven. The real substance comes from Wheatman's guests, who tend to be working CISOs, risk officers, and the people who advise them. They talk candidly about things most security podcasts tiptoe around: how to say no to the CEO, what cyber insurance underwriters actually care about, why most risk registers are theater, and how to quantify risk in dollars without pretending you have perfect data. Episodes usually run 30 to 45 minutes and the tone is conversational, occasionally profane, always honest. Recent topics have covered third-party risk management fatigue, the gap between NIST CSF 2.0 and what organizations actually implement, and why the CISO role keeps getting harder. If you're moving from hands-on security into management, or you're already in the chair trying to justify next year's budget, this show will feel like a mentor who isn't trying to sell you anything.

Hurricane Labs InfoSec Podcast
Hurricane Labs is a Cleveland-based managed security firm with a long reputation in the Splunk community, and their podcast has the easygoing feel of a few engineers talking shop after a long on-call shift. Hosts Tom Kopchak, Bill Mathews, and a rotating cast of SOC analysts pick apart recent breaches, new detection techniques, and whatever weird edge cases came across their desks that week. The show leans technical without being exhausting. You'll hear actual Splunk search syntax, SIEM tuning stories, and honest takes on tools the hosts have used in anger, not just ones they read about on vendor blogs. There's also a steady thread of career advice for people trying to break into blue-team work, with guests who describe the unglamorous parts of the job nobody warns you about. Recent episodes have covered the fallout from the MOVEit breaches, how to run a useful tabletop exercise, detection engineering against living-off-the-land binaries, and the operational reality of monitoring cloud workloads at scale. The pacing is relaxed, the banter is genuine, and the hosts clearly enjoy the work. It's a good fit for SOC analysts, detection engineers, and managers who want to stay close to the technical ground truth without wading through marketing noise. Episodes generally run 30 to 60 minutes.

Cyber security is one of those fields where last month's big vulnerability is already patched and forgotten, and something new has taken its place. The pace is relentless. If you work in the industry or just want to understand what's happening to your data, podcasts are one of the better ways to stay informed without staring at a screen for another hour. And if you're searching for the best cyber security podcasts, you probably already know that keeping current isn't optional in this space.
Staying current with an ever-changing threat landscape
What was cutting-edge last quarter might already be irrelevant, which is why people look specifically for the best and top cyber security podcasts of 2026. A good show in this space works like a briefing: it breaks down new vulnerabilities, explains recent breaches, and walks through threat intelligence without burying you in jargon. Some shows do quick daily updates in 10 or 15 minutes, which is enough to know what happened overnight. Others run hour-long interviews with researchers, incident responders, or policy people who are shaping how organizations defend themselves. There are also narrative shows that reconstruct famous attacks step by step, covering the human mistakes and technical failures that made them possible. The must-listen cyber security podcasts tend to be the ones that go beyond surface-level reporting and actually help you understand the mechanics of what went wrong and why it matters.
Picking the right show for your level
The right podcast depends on what you already know. If you're new to the field, look for cyber security podcasts for beginners that define terms as they go and don't assume you already have a CISSP. Good introductory shows are patient without being condescending. If you've been doing this for years, you're probably after technical deep dives into specific attack vectors, threat actor profiles, or discussions about zero-trust architecture. Many popular cyber security podcasts try to serve both audiences, but some specialize, and the specialized ones can be worth finding if a particular area matters to your work.
When sorting through cyber security podcast recommendations, think about what format works for you. Solo hosts who deliver focused analysis feel different from panel shows where four people debate the implications of a new regulation. Both can be good, but they serve different purposes. What matters most is that the hosts actually have expertise and can explain things in a way that sticks. The barrier to entry is low, since most of these shows are free and available on Spotify or Apple Podcasts. Try a few episodes, see whose explanations click for you, and build a rotation from there.



