Top 35 Information Security Podcasts

For years information security podcasts have been a popular medium for digesting security news, keeping up with the latest threats, learning about recent incidents, and everything else you need to know to stay at the top of your game. Podcasts can be pretty entertaining, too. After all, no one gets security humor quite like your peers. When you can't attend your favorite information security conferences, podcasts can help you stay on top of the latest trends. And, while reading infosec blogs might not be practical on your morning commute, listening to podcasts is a useful way to pass the time.

There are some fantastic podcasters hailing from the security field, bringing decades of experience, unique perspectives, and valuable insights to audiences around the world. We've rounded up 35 of our favorite, must-listen podcasts from top infosec pros, CISOs, analysts, journalists, and more who aim to educate, entertain, and inform, breaking down hours of reading material into easy-to-digest podcast episodes. In other words, you can absorb hours' worth of security news and information in as little as half an hour or so - or, at least gain awareness of the most pressing threats and other news that you want to dig into further on your own.

If you're looking to expand your podcast subscriptions or spend your time more wisely by digesting security news and insights on your daily commute, here are our top 35 recommendations, sorted into four categories: Independent Podcasts, Educational and Professional Organization Podcasts, Media Podcasts, and Vendor Podcasts.

Independent Podcasts

1. Security Now!
Hosts: Steve Gibson, Leo Laporte
@GibsonResearch
@SGgrc

Security Now! is a weekly podcast featuring Steve Gibson and Leo Laporte who spend nearly two hours discussing vital security concerns ranging from news to long-standing issues, concerns, and solutions. Security Now! focuses on personal security, offering valuable insights to help their audience overcome common challenges and ramp up their personal security.

Three episodes you should check out from Security Now!:

• Episode #709: URL "Ping" Tracking
• Episode #707: Tesla, Pwned
• Episode #703: Out in the Wild

2. Security Weekly
Host: Paul Asadoorian
@securityweekly

Security Weekly covers IT security news, vulnerabilities, hacking, research, and related topics of interest for the IT community by serving as a security podcast network. Their goal is to reach a wide global audience to share insights and information that help them learn, grow, and become savvy IT professionals. Hosted by Paul Asadoorian, various co-hosts, and special guests, Security Weekly has been going strong for 11 years.

3. Risky Business
Host: Patrick Gray
@RiskyBusiness

First established in 2007, Risky Business is one of the most highly regarded and most-listened-to podcasts in the information security space. Risky Business aims to take a lighthearted look at information security news and has earned a reputation for covering the most alarming hacks and gaining insights from guests in-the-know.

Three episodes you should check out from Risky Business:

• Risky Business #537 -- Assange arrested, WordPress ecosystem on fire
• Risky Business #534 -- Manning back in clink, automotive industry under attack
• Risky Business #533 -- Ghidra release, NSA discontinues metadata program and more

4. The Unsupervised Learning Podcast
Host: Daniel Miessler
@DanielMiessler

The Unsupervised Learning Podcast is hosted by Daniel Miessler, an information security professional and writer. Miessler digests five to twenty hours of reading books and articles and listening to podcasts about information security, technology, and people into a concise, summarized podcast of the latest happenings every week. There are dozens of podcasts in the Unsupervised Learning archive, providing a plethora of insights in a brief, entertaining format.

Three episodes you should check out from Unsupervised Learning:

• Unsupervised Learning: No. 169
• Unsupervised Learning: No. 171
• Unsupervised Learning: No. 173

5. Down the Security Rabbithole
Hosts: Rafal Los, James Jardine
@DtSR_Podcast

Rafal Los and James Jardine team up to deliver the Down the Security Rabbithole podcast, a weekly podcast first introduced in 2011. The podcast focuses on security from a business perspective and features regular guests who speak on current news and offer expert insights on the latest information security trends and happenings.

Three episodes you should check out from Down the Security Rabbit Hole:

• DtSR Episode 343 - The 31st Human Right
• DtSR Episode 339 - Insuring Against Acts of Cyber War
• DtSR Episode 338 - Failure of Risk Management

6. Defensive Security Podcast
Hosts: Jerry Bell, Andrew Kalat
@Defensivesec

The Defensive Security podcast analyzes recent infosec news and disseminates it to identify valuable lessons that you can put to real-world use in protecting your company or your clients' companies. Hosted by Jerry Bell and Andrew Kalat, the Defensive Security Podcast offers new episodes two to three times each month for your listening pleasure.

Three episodes you should check out from Defensive Security Podcast:

• Defensive Security Podcast Episode 235
• Defensive Security Podcast Episode 233
• Defensive Security Podcast Episode 232

7. The Privacy, Security, & OSINT Show
Host: Michael Bazzell
@IntelTechniques

The Privacy, Security & OSINT Show is a weekly dose of privacy, security and open source intelligence (OSINT) news and opinions. The podcast is hosted by Michael Bazzell, an OSINT privacy consultant.

Three episodes you should check out from The Privacy, Security, & OSINT Show:

• 116-OSINT Basics & Careers
• 115-Back to Basics: The Costs of Privacy
• 103-Intermediate Disinformation, Reputation Mgmt, & Usenet Archives

8. Smashing Security
Hosts: Graham Cluley and Carole Theriault
@SmashinSecurity

Smashing Security, hosted by security industry veterans Graham Cluley and Carole Theriault, is a fun chat about cybersecurity and online privacy. Not your typical security podcast, Smashing Security is a hilarious take on the week's tech snafus.

Three episodes you should check out from Smashing Security:

• 125: Pick of the thief!
• 121: Hijacked motel rooms, ASUS PCs, and leaky apps
• 118: The 's' in IoT stands for security

9. Darknet Diaries
Host: Jack Rhysider
@DarknetDiaries

Host Jack Rhysider takes you on a journey through the dark side of the Internet. Rhysider talks all things privacy hacks, data breaches, and cybercrime in this bi-weekly podcast.

Three episodes you should check out from Darknet Diaries:

• Ep 33: RockYou
• Ep 31: Hacker Giraffe
• Ep 29: Stuxnet

10. The CyberJungle
Host: Ira Victor, Samantha Stone
@ira_victor

The CyberJungle is co-hosted by digital forensic analyst Ira Victor and Samantha Stone, an award-winning journalist who also produces the show. Ira Victor is a sought-after expert in the cyber security realm, and Samantha Stone is a veteran broadcaster and reporter who specializes in politics and legislation. The duo provides an entertaining and informative take on the latest in security news and talk with thought leaders and insiders who can weigh in on current happenings.

Three episodes you should check out from The CyberJungle:

• January 7, 2019, Episode 406
• September 22, 2018, Episode 404
• August 24 2018, Episode 403

11. Brakeing Down Security
Host: Bryan Brake, Brian Boettcher, Amanda Berlin
@bryanbrake

Bryan Brake, host of Brakeing Down Security, is a CISSP who enjoys working in the security field and shares his love for the industry with his listeners. Brake talks about security, legal issues, privacy, and compliance, among other topics of interest to the security community with co-hosts Brian Boettcher and Amanda Berlin.

Three episodes you should check out from Brakeing Down Security:

• 2019-014-Tesla fails encryption, Albany and Sammamish ransomware attacks.
• 2019-012: OWASP ASVSv4 discussion with Daniel Cuthbert and Jim Manico - Part 1
• 2019-009- Log-MD story, Noid, communicating with Devs and security people-part1

12. Hacker Public Radio
Hosts: Community Members
@HPR

Hacker Public Radio is an internet radio show releasing new episodes every weekday, Monday through Friday. HPR founders have a long history spanning more than 13 years producing popular shows. A unique podcast, Hacker Public Radio is crowd-sourced, featuring news, insights, and discussion from community members.

Three episodes you should check out from Hacker Public Radio:

• hpr2796 :: IRS, Credit Freezes and Junk Mail Ohh My!
• hpr2794 :: Interview with Martin Wimpress
• hpr2791 :: LUKS like truecrypt

13. Open Source Security Podcast
Hosts: Josh Bressers and Kurt Seifried
@joshbressers
@kurtseifried

The Open Source Security Podcast is hosted by Josh Bressers and Kurt Seifried and covers a variety of information security topics with a focus on open source software. One of the newer podcasts on this list, Open Source Security was launched in September of 2016 but has already released an impressive 34 episodes, with new episodes each week.

Three episodes you should check out from Open Source Security Podcast:

• Episode 141 - Timezones are hard, security is harder
• Episode 140 - Good enough security is a pretty high bar
• Episode 135 - Passwords, AI, and cloud strategy

14. The Shared Security Podcast
Hosts: Tom Eston, Scott Wright
@SharedSec

Hosted by ethical hacker and security aficionado Tom Eston and cyber security auditor and researcher Scott Wright, The Shared Security Podcast explores the trust placed in people, apps, and technology. The pair cover everything falling under the umbrellas of information security, privacy, the Internet of Things (IoT), mobile devices and apps, and everything in between.

Three episodes you should check out from The Shared Security Podcast:

• The State of Cybersecurity Training and Certifications with Kevin Johnson
• Amazon Echo Recording Controversy, New Mobile Phone Scam, Hotels Leaking Data
• Verifications.io Data Breach, Capsizing a Ship with a Cyberattack, World's Most Dangerous Malware

15. Crypto-Gram Security Podcast
Hosts: Dan Henage (podcast creator), Bruce Schneier (newsletter creator)
@schneierblog (Bruce Schneier on Twitter)

The Crypto-Gram Security Podcast is a unique offering, featuring a reading of Bruce Schneier's Crypto-Gram Newsletter aloud, read by Dan Henage with Schneier's permission. For commuters who don't have the time to read a regular newsletter, listening on your commute to one of the leading security news sources is a welcome alternative.

Three episodes you should check out from Crypto-Gram Security Podcast:

• Crypto-Gram March 15, 2019
• Crypto-Gram January 15, 2019
• Crypto-Gram 15 December 2018

16. Cyber Security Interviews
Host: Douglas A. Brush
@CSI_Podcast

A weekly podcast, Cyber Security Interviews is hosted by Douglas A. Brush who interviews influencers, thought leaders, and other individuals who shape the cyber security industry. Brush explores their journeys into the cyber security field and where they think the cyber security industry is headed.

Three episodes you should check out from Cyber Security Interviews:

• #067 - Fred Kneip: Compliance Doesn't Equal Security
• #065 - Lizzie Cookson: Attackers Adapt with Us
• #063 - Dean Sysman: You Are Swamped with Data

Educational and Professional Organization Podcasts

17. SANS ISC Daily Stormcasts
Hosts: SANS Internet Storm Center Handlers
@SANSInstitute

SANS is the largest and most-trusted resource when it comes to security training and research. The SANS ISC Daily Stormcasts are an extension of the SANS Internet Storm Center and features 5-10 minute updates on security threats each work day to keep professionals and businesses in the know regarding the latest and most pressing threats.

Three episodes you should check out from SANS ISC Daily Stormcasts:

• Finding Domain Admins; X-Protect Covering PE Files; Hotspot Password Leak; Github Hosting Phishing Pages
• Malicious UDF Files; Facebook Clear Text Passwords; Iranian Hackers Hacked; Win8 Live Tiles Takeover
• MTA-STA; AirBNB Cameras; VPN Credentials; MSIE XXE Vulnerability

18. Carnegie Mellon University Software Engineering Institute Podcast Series
Hosts: Various
@CERT_Division

The Software Engineering Institute at Carnegie Mellon University offers the SEI Podcast Series, presenting conversations in areas such as software engineering, cybersecurity, and future technologies. Podcasts focus on topics aiming to solve the nation's security challenges through general principles and starting points for business leaders who want to launch or improve on enterprise-wide security efforts.

Three episodes to check out from SEI Podcast Series:

• Applying Best Practices in Network Traffic Analysis
• Women in Software and Cybersecurity: Bobbie Stempfley
• 10 Types of Application Security Testing Tools and How to Use Them

19. OWASP Podcast
Host: Mark Miller, Jim Manico
@owasp

OWASP's 24/7 podcast series is hosted by executive producer Mark Miller, who interviews industry experts, volunteers, and security leaders to provide valuable insights on web application security. Here, you'll also find an archive of an original podcast series hosted by Jim Manico, who interviewed OWASP volunteers and other thought leaders in the field of web application security.

Three episodes you should check out from OWASP Podcast:

• Less than 10 Minutes Series: OWASP DockerHub with Simon Bennetts
• Security Processes at the Apache Software Foundation w/ Mark Thomas and Brian Fox
• Struts2 Vulnerabilities: Who Is Responsible?

Media Podcasts

20. The CyberWire Podcast
Host: David Bittner
@thecyberwire

A cybersecurity-focused news service, The CyberWire podcasts offer a glimpse into what's happening in cyber space. Offering clear and concise summaries of the latest news and essential details you need to know to stay abreast of the security landscape, The CyberWire includes both daily briefings and longer podcasts syndicated from partners.

Three episodes you should check out from The CyberWire Podcast:

• CyberWire Daily: Mueller Report is out. Sea Turtle DNS-manipulation campaign.
• CyberWire Daily: Sri Lanka bombing investigation update. Christchurch call.
• CyberWire Daily: Spearphishing from "Luhansk," Pro-Assange hacktivism.

21. Security Current
Hosts: Various
@SecurityCurrent

Security Current is an information and collaboration community founded by veteran journalist and IT network security marketing executive Aimee Rhodes. Offering CISO insights, peer-driven research and analysis, practical advice and discussion, Security Current gives executives the insights they need to make knowledgeable decisions. Hosted by a number of leading CISOs and other industry leaders, Security Current focuses on the issues that matter to today's CISOs and the companies they serve.

Three episodes you should check out from Security Current:

• EDR for All - Bitdefender Discusses Best Practices for Implementing Endpoint Detection and Response Technology
• Tufin Talks Increasing Security and Agility Through Security Policy Orchestration
• Bay Dynamics CEO Discusses How to Gain Insight in to Security Risks Using User Behavior Analytics

22. Data Breach Today Podcast
Hosts: Data Breach Today Staff
@DataBreachToday

For the most up-to-date news on data breach prevention, detection, and notification, the Data Breach Today Podcast is worth a listen. Hosted by the Data Breach Today staff, the Data Breach Today Podcast features interviews with leading experts and thought leaders in the field who offer commentary on the latest cybersecurity news, practical advice for overcoming common security challenges, and more.

Three episodes you should check out from Data Breach Today Podcast:

• The Dangers of Unsecured Medical Devices
• Not So 'Smart' - Child Tech Has Hackable Flaws
• Privacy and Security: Finding the Balance

23. Security Ledger Podcasts
Hosts: Paul Roberts
@securityledger

The Security Ledger is an independent security news website founded in August 2012. Founder and Editor-in-Chief Paul Roberts hosts the Security Ledger Podcasts, bringing you in-depth reporting and insights from security thought leaders about the most pressing infosec issues plaguing businesses and users today.

Three episodes you should check out from Security Ledger Podcasts:

• Podcast Episode 142: On Supply Chains Diamond-based Identities are forever
• Podcast Episode 141: Massive Data Breaches Just Keep Happening. We Talk about Why.
• Podcast Episode 139: the State(s) of Right to Repair and API Insecurity on GitHub

24. Off the Hook
Hosts: The Hacker Quarterly staff
@2600

A podcast from 2600: The Hacker Quarterly, Off the Hook discusses the hacker's view of emerging technology and the threat landscape. Offering updates on security flaws from the hacker's perspective, as well as the latest news from the hacker community, Off the Hook is an informative listen for information security professionals. The show airs every Wednesday evening at 7pm EST.

25. Cyber Motherboard
Host: Ben Makuch
@Motherboard

Host Ben Makuch talks to Motherboard reporters Lorenzo Franceschi-Bicchierai and Joseph Cox each week about their latest breaking stories, as well as to the most famous hackers in the industry, security researchers, and thought leaders, discussing the latest trends, cyber security news, and more.

Three episodes you should check out from Cyber Motherboard:

• The Dark Overlord and the 9/11 Insurance Files Hack
• Why The ASUS Supply Chain Hack Is a Big Deal
• How Google Tracks Hackers

Vendor Podcasts

26. Breach
Hosts: Bob Sullivan, Alia Tavakolian
@Carbonite

Brought to you by Carbonite, Breach is a new podcast that investigates history's most notorious data breaches, digging into the who, why, and how of the biggest breaches in history with IT security experts, technology reporters, and white hat hackers. Breach is hosted by award-winning cybersecurity journalist Bob Sullivan and veteran podcast producer Alia Tavakolian.

Three episodes you should check out from Breach:

• Equifax Data Breach: Is Privacy Dead
• Equifax Data Breach: The Response
• Equifax Data Breach: What Went Wrong

27. Hak5
Hosts: Darren Kitchen, Shannon Morse
@Hak5
@Hak5Darren
@Snubs

Hak5 is an entertaining web show led by Darren Kitchen and Shannon Morse that's now the longest running show on YouTube. Hak5 also develops innovative penetration testing devices and immersive information security training in addition to its award-winning weekly podcast. Hak5 covers open source software, pen testing, network infrastructure, and everything in between. The flagship show is so popular that it's syndicated by Discovery Digital Networks, and Hak5 also produces numerous other sister shows including HakTip, ThreatWire, and Metasploit Minute.

Three episodes you should check out from Hak5:

• Inside Glytch's hacker bag - Hak5 2515
• WiFi Hacking Workflow - The NEW WiFi Pineapple 2.5 Firmware - Hak5 2514
• Shell Escape Tricks for Bash & Powershell - Hak5 2508

28. Defrag This
Host: Greg Mooney
@defrag_this

Defrag This, hosted by Greg Mooney, is a podcast from Ipswitch that aims to help listeners cope with the hurdles that are seemingly cropping up everywhere you look, from the latest malware threat to hardware failures and user errors. Designed for IT professionals, Defrag This offers insights on the latest trends, commentary on IT news, and more.

Three episodes you should check out from Defrag This:

• Podcast: Does Brexit Outcome Have Any Effect On Compliance?
• Podcast: How DevOps Teams Use Network Monitoring Tools
• Podcast: Artificial Intelligence Vs. Automation For SecOps Teams

29. Threatpost Podcast Series
Host: Various
@threatpost

Threatpost, Kaspersky Lab's security news service, is "the first stop for fast-breaking security news, conversations, and analysis from around the world." Providing a reputable, trustworthy source of news and information for today's security professionals, the Threatpost Podcast Series is a must-add to any serious security pro's listening queue.

Three episodes you should check out from ThreatPost Podcast Series:

• Podcast: Chris Vickery on UpGuard's Discovery of Millions of Facebook Records
• Podcast: The High-Risk Threats Behind the Norsk Hydro Cyberattack
• Podcast: Emotet Grows With Fast-Evolving Tactics

30. Sophos Naked Security Podcast
Hosts: The Sophos Team
@NakedSecurity

The Sophos team hosts the Naked Security podcast, offering coverage of major security events like DEF CON live, insights on major security breaches, industry news, and all things of interest to today's security and privacy professionals.

31. The Social Engineer Podcast
Hosts: Chris "loganWHD" Hadnagy and The Social-Engineer, Inc Team
@humanhacker

With a new episode on the second Monday of each month, The Social Engineer Podcast is a regular show with a dedicated monthly topic. Host Chris Hadnagy has an interesting and informative perspective on social engineering, security, and other topics of interest to the security community.

Three episodes you should check out from The Social Engineer Podcast:

• Ep. 113 - Nutrition Facts for Online Information with Clint Watts
• Ep. 111 - Crypto AI Blockchain Smoothies at Walmart with Nick Furneaux
• Ep. 101 - Flash Bangs: The Reformation of a Social Engineer

32. SurfWatch Cyber Chat
Hosts: SurfWatch Labs Team
@SurfWatchLabs

The SurfWatch Cyber Chat is brought to you by SurfWatch Labs, delivering cyber risk intelligence solutions to aid businesses in understanding and acting on their cyber risks. A weekly show, SurfWatch Cyber Chat includes Q&A sessions with cybersecurity experts as well as weekly cyber risk news.

Three episodes you should check out from SurfWatch Cyber Risk Roundup:

• Talking Fraud with Chargebacks911's Monica Eaton-Cardone
• Talking the Threat Intelligence Mind Map and How It Can Help Organizations
• Talking the Expanding Digital Risk Footprints of Organizations

33. Cyber Exposure Podcast
Hosts: Bill Olson, Gavin Millard
@TenableSecurity

Tenable's Cyber Exposure Podcast features conversations and interviews on vulnerability management, cyber exposure, and general security topics. Cyber Exposure is hosted by Bill Olson, Tenable's Technical Director, and Gavin Millard, a certified ethical hacker. This is a newer podcast, meaning there are lots of great interviews and commentary to come.

34. Security Insider
Host: Patrick Townsend
@townsendsecure

Security Insider, hosted by Patrick Townsend of Townsend Security, is your source of insights on the latest developments in data security, regulatory compliance issues, technology, and trends affecting the industry.

Aiming to bolster security awareness, DevelopSec is hosted by James Jardine, an information technology professional with more than 15 years of experience and founder and principal consultant at Jardine Software, Inc. Jardine is also a co-host for the Down the Security Rabbit Hole podcast, another popular show.

Three episodes you should check out from DevelopSec:

• Ep. 112: Application Fingerprinting
• Ep. 111: Authentication Alerts
• Ep. 110: Implementation Matters

Bonus: SecurityCast Radio

@securitycast

SecurityCast isn't a security podcast but instead a 24x7 streaming re-broadcast that aggregates many popular security podcasts, including much of this list. You can tune to SecurityCast anytime, anywhere and will be sure to catch quality content spanning a wide range of infosec topics, from security best practices and news to penetration testing and vulnerability research.