If you spend your days building, shipping, defending, or fixing systems, you already know how this goes. A new technique shows up in a research thread, someone drops a “has anyone checked if we’re exposed?” comment, and suddenly you’re juggling risk, patches, logging gaps, and whatever tool is in the blast radius this week.

That day-to-day reality is why Rapid7 Labs is launching Hacktics and Telemetry, a bi-weekly video and audio podcast with episodes built to fit into a lunch break or a commute. It’s hosted by Rapid7's Douglas McKee, bringing to the pod years of deep technical and leadership experience, then co-hosted by Jonah ‘CryptoCat’ Burgess – a strong researcher with a solid pulse on the cybersecurity community.

The format stays consistent on purpose. Each episode starts with a scan of what’s emerging, shifts into a guest conversation, then closes with a short segment that ties the story back to mitigation and tooling. The goal is simple: move past theory, show what’s happening with real examples, and leave you with something you can act on.

Episode 1: OpenClaw Risks, RCEs, and Metasploit Pro Updates

Doug and Jonah open by digging into two AI-centric stories from the past week. The first is PhoneLeak, described as data exfiltration in Gemini via phone call. It’s the kind of uncomfortable example that forces practical questions: how do you defend against mobile clickjacking when it's disguised as a routine CAPTCHA? When an AI assistant has deep extensions into a user's workspace, how do you prevent malicious prompts from quietly accessing sensitive data like 2FA codes? And perhaps most importantly, how do defenders anticipate and monitor for bizarre, out-of-the-box exfiltration methods—like an AI bypassing SMS confirmations to leak data via DTMF tones on a phone call?

The second story comes from the other side of the AI conversation: an AI agent reportedly identifying an RCE in BeyondTrust remote support, plus discussion of older privileged remote access versions. More automation can mean faster discovery, which shrinks the window between “interesting finding” and “you need to patch this.” That changes how defenders think about exposure, patch prioritization, and what “good enough” means (and looks like) when it comes to monitoring.

In the guest segment, Greg Richardson (Global Advisory CISO & AI Thought Leader, 6 Levers AI) walks through how he uses AI agents in his workflow while keeping control tight. He talks about setting tasks while he sleeps, but the constraints are the point: access is locked down, the agent only touches files he explicitly provides, communication is limited, and token limits help cap the size of any mistake. He also makes a strong case for starting small, with one task at a time, instead of trying to automate dozens of things on day one.

To close out this inaugural episode, the team hits on a SolarWinds Help Desk vulnerability, then shares a quick look at Metasploit Pro 5.0 updates – including more granular payload selection and a walkthrough of the new UI.

If your idea of useful content includes threat trade-offs, concrete mitigations, and a bit of candid “how this actually plays out,” you’re in the right place.

Catch the full episode below:

⠀

In 2025, we launched Experts on Experts: Commanding Perspectives as a pilot video series designed to spotlight the ideas shaping cybersecurity, directly from the people driving them. Over five episodes, Rapid7 leaders shared short, candid conversations on topics like agentic AI, MDR ROI, cybercrime-as-a-service, and policy in practice. With Season Two launching soon, now is the perfect time to revisit the first run of expert conversations that started it all. 

Each episode is now embedded in its supporting blog on rapid7.com, making it even easier to watch, read, and share. Here's your full recap of Season One.

Ep 1: What Happens When Agentic AIs Talk to Each Other?

Guest: Laura Ellis, VP of Data & AI

Agentic AI was one of the most talked-about themes of the year, but few tackled it with the clarity and urgency Laura Ellis brought to this episode. From governance models to inter-agent deception, the conversation explores how AI systems can interact in unpredictable ways. Laura shares her perspective on keeping humans at the helm, how to contain agent behavior in real-world infrastructure, and what’s realistic for security teams today. The episode came from a LinkedIn conversation about autonomy, oversight, and the potential for agent-to-agent manipulation, and answered a lot of questions. If you’re curious about how AI moves from experiment to ecosystem, this is a great place to start.

[Read and watch]

Ep 2: What MDR ROI Really Looks Like

Guest: Jon Hencinski, VP of Detection & Response

In this open and honest conversation, Jon Hencinski takes us inside the modern SOC to show what strong managed detection and response really looks like. From coverage and telemetry to analyst training and noise reduction, the episode walks through the building blocks of a high-performing MDR program. Jon speaks directly to security leaders and decision-makers, breaking down which metrics matter most, how to measure confidence in your provider, and why speed is still the differentiator. If you’re evaluating MDR partners or trying to articulate the value of your program internally, this episode offers a practical benchmark. It also pairs well with Rapid7’s IDC report on MDR business value, which (Spoiler Alert) found a 422% three-year ROI and payback in under six months.

[Read and watch]

Ep 3: The Business of Cybercrime

Guest: Raj Samani, SVP and Chief Scientist

Cybercrime is no longer just a threat, it’s an economy. In this episode, Raj Samani unpacks the business model behind ransomware, initial access brokers, and affiliate operations. He shares his view on how cybercriminals are scaling operations like startups, what security teams can do to map that behavior, and why understanding the economy of access is key to disruption. It’s an insightful look at how attacker innovation is outpacing the traditional response, and what needs to change. Raj also reflects on the blurred lines between opportunistic access and long-tail ransomware campaigns, and how buyers on the dark web shape the threat landscape. This conversation is especially useful for defenders who want to think more strategically about adversaries and the systems that support them.

[Read and watch]

Ep 4: What SOC Teams Are Doing Differently in 2025

Guest: Steve Edwards, Director of Threat Intelligence and Detection Engineering

This episode walks through the key findings of Rapid7’s IDC study on the business value of MDR and brings them to life through real-world SOC operations. Steve Edwards shares how telemetry access changes the game, what true coverage looks like in practice, and why teams are shifting away from reactive models to faster, context-rich detection. You’ll hear what happens in the first 24 to 48 hours of incident response and how Rapid7’s no-cap IR model improves confidence during high-pressure moments. Steve also breaks down how teams are using MITRE ATT&CK  mapping to prioritize security investments and measure response maturity over time. For security leaders and buyers evaluating managed services, this conversation offers a clear, practical lens on what a successful MDR program looks like from a security and business perspective.

[Read and watch]

Ep 5: Policy to Practice - What Cyber Resilience Really Takes

Guest: Sabeen Malik, VP of Global Government Affairs and Public Policy

With new regulations emerging across the globe, it’s easy to confuse compliance with resilience. In this episode, Sabeen Malik unpacks what it takes to bridge that gap. She talks through disclosure laws, geopolitical tension, and the difficulty of turning policy into something operators can act on. Sabeen brings both policy expertise and operational realism, making the case that cybersecurity regulation needs to be built for the real world, not for a checklist. She also explores the cultural side of risk, including how insider threats and trust-based frameworks play into resilience planning. If your organization is tracking regulatory changes or working toward a more mature security posture, this episode offers a smart lens on where policy can help, and how to overcome it's shortfalls.

[Read and watch]

The year was 1989. There was no cloud, no cryptocurrency, and no global cybercrime economy—just a malicious program quietly waiting to lock its victim out of their own system. 

Download slides: https://www.activecountermeasures.com/presentations In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed in Attack Tactics Part 5!!! Originally recorded […]

The post Podcast: Attack Tactics 6! Return of the Blue Team appeared first on Black Hills Information Security, Inc..

💾

Take a good look at Bitcoin right now… these are the unlucky ones. These are the unfortunate souls who jumped on another overinflated balloon. But, does this Bitcoin crash completely […]

The post BHIS Podcast: Blockchain and You! InfoSec Edition appeared first on Black Hills Information Security, Inc..

💾

For this podcast we cover a couple of different topics. First, we talk about how to password spray in a non-attributable sort of way. Beau found a way to obfuscate […]

The post PODCAST: RDP Logging Bypass and Azure Active Directory Recon appeared first on Black Hills Information Security, Inc..

💾

In this webcast we cover some of the core tools we use all the time at Black Hills Information Security. However, there’s a twist. We don’t talk about Nessus, Nmap, […]

The post PODCAST: BHIS Sorta Top Used Tools of 2018 appeared first on Black Hills Information Security, Inc..

💾

Yes.. Ethical Hacker Kids. The holidays are coming up! Here John & Jordan cover the different games, tools and gifts we can give kids that help teach them the trade. […]

The post PODCAST: Raising Hacker Kids appeared first on Black Hills Information Security, Inc..

💾

Over the past few months, we have discovered a couple trends that organizations seem to be missing. No silver bullets, just some general vulnerability issues we are seeing again and […]

The post PODCAST: Blue Team-Apalooza appeared first on Black Hills Information Security, Inc..

💾

John Strand shares some of his own journey into information security and also his ideas and tips for those wanting to get into the industry from the start, or those […]

The post PODCAST: John Strand’s 5 Year Plan into InfoSec Part 2 appeared first on Black Hills Information Security, Inc..

💾

Join special guest Chris Brenton, COO of Active Countermeasures, as he discusses the anatomy of beacons and why you need to be looking for them during a threat hunt. He […]

The post PODCAST: Beacon Analysis appeared first on Black Hills Information Security, Inc..

💾