Here's what you missed on Office Hours: May 2025

Our weekly Office Hours broadcast is taking off! Every Tuesday at 1 PM ET, Red Canary Co-founder Keith McCammon and CISO Dave Farrow tackle cybersecurity news and industry trends with special guests and exclusive operational insights.

May’s episodes covered a range of topics from AI to zero trust. We’ve embedded them all here for your viewing pleasure.

Episode 13: SAP NetWeaver vulnerability and Conditional Access

After highlighting a recently disclosed vulnerability in SAP NetWeaver that allows for unrestricted file uploads, Keith welcomes Product Management Manager Sam Straka for a deep dive into Conditional Access policies.

Episode 14: RSAC Conference recap and Verizon’s 2025 DBIR

Fresh off the 2025 RSAC conference, Dave and Keith share their key takeaways and favorite booth-hopping moments. Keith then shines a light on Verizon’s 2025 Data Breach Investigations Report, leading a discussion on the evolving landscape of credential abuse and the necessity for vendor accountability.

Episode 15: Security experts unfiltered

Keith and Dave welcome Red Canary Principal Security Researcher Brian Donohue to help answer audience questions from the mailbag. Their answers touch on browser security, data loss prevention (DLP), AI’s impact on the job market, and more.

Episode 16: May Intelligence Insights and Latrodectus loader

Keith welcomes Senior Intelligence Analyst Stef Rand to break down May’s Intelligence Insights. After walking through the 10 top threat list, Stef highlights the emergence of a Latrodectus, a loader that leverages fake browser updates in tax season-themed phishing attacks.

Episode 17: Why security maturity levels matter

Keith and Dave welcome Red Canary VP of Product Marketing Aaron Landgraf break down security maturity models. Tune in to find out where your organization stands—and gain a deeper understanding of the many nuances involved in measuring the maturity of your security programs.