Three Buddy Problem cover art

Three Buddy Problem

Three Buddy Problem

By: Security Conversations
Listen for free

About this listen

 The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers. Connect with Ryan on Twitter (Open DMs).© 2025 The Naraine Group Politics & Government
Episodes
  • Chris Eng on lessons learned from the NSA, @Stake, Veracode, and 20 years in cybersecurity

    Chris Eng on lessons learned from the NSA, @Stake, Veracode, and 20 years in cybersecurity
    Oct 7 2025
    This week on Security Conversations, Ryan sits down with Chris Eng, former Chief Research Officer at Veracode, to talk about life after nearly two decades at one company and the lessons learned along the way. They dig into a career start at the NSA, the early days of @Stake and the Symantec acquisition, and the birth and ambitions of Veracode. Plus, thoughts on how helping startups shape product strategy, what it takes to translate technical expertise into business impact, and how security culture has evolved since the early “hacker-to-enterprise” days. The conversation touches on defining your career beyond titles, how the perception of “cybersecurity” has changed over the years, and why the industry still has plenty of room for curiosity, reinvention, and good storytelling.
    Show More Show Less
    45 mins
  • Oracle cl0p ransomware crisis, EU drone sightings, Cisco bootkit fallout

    Oracle cl0p ransomware crisis, EU drone sightings, Cisco bootkit fallout
    Oct 3 2025
    Three Buddy Problem - Episode 66: We discuss drone sightings that shut down airports across Europe and what they reveal about hybrid warfare and the changing nature of conflict; Oracle ransomware/extortion campaign tied to unpatched E-Business Suite vulnerabilities and the company’s muted response. Plus, the TikTok–Oracle deal and the strange role Oracle now plays in U.S. national security; OpenAI’s Sora 2 launch and its implications for social media and human expression; Palo Alto’s “Phantom Taurus” APT report, a follow-up on Cisco’s ArcaneDoor disclosures, and the impact of the U.S. government shutdown on CISA. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).
    Show More Show Less
    2 hrs and 3 mins
  • Cisco firewall zero-days and bootkits in the wild

    Cisco firewall zero-days and bootkits in the wild
    Sep 27 2025
    Three Buddy Problem - Episode 65: We zero in on one of the biggest security stories of the year: the discovery of a persistent multi-stage bootkit implanting malware on Cisco ASA firewalls. Details on a new campaign, tied to the same threat actors behind ArcaneDoor, exploiting zero-days in Cisco’s 5500-X series appliances, devices that sit at the heart of government and enterprise networks worldwide. Plus, Cisco’s controversial handling of these disclosures, CISA's emergency deadlines for patching, the absence of IOCs and samples, and China’s long-term positioning. Plus, thoughts on the Secret Service SIM farm discovery in New York and evidence of Russians APTs Turla and Gamaredon collaborating to hit Ukraine targets. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).
    Show More Show Less
    1 hr and 55 mins
No reviews yet
In the spirit of reconciliation, Audible acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.