Podchaser Logo Rate on Podchaser

Episode 15

full
Published on:

5th Nov 2025

Identity Threats, AI Attacks, and the Power of Community with Filipi Pires

In this episode of the Security by Default podcast, host Joe Carson welcomes back Filipi Pires, Head of Identity Threat Labs & Global Product Advocate at Segura® to discuss the latest trends in identity threats and cybersecurity. They explore the evolution of attacks, particularly focusing on social engineering and the role of AI in both offensive and defensive strategies. Filipi shares insights from recent events, including the significance of BSides conferences in fostering community and knowledge sharing. The conversation emphasizes the importance of a zero trust approach and the need for continuous education in cybersecurity.

Key Takeaways

  • The BSides community is essential for cybersecurity education.
  • Attackers are increasingly using social engineering techniques.
  • AI is being leveraged by both attackers and defenders.
  • Zero trust is a critical framework for modern security.
  • Organizations must implement multiple layers of protection.
  • Credential theft is a major concern in identity threats.
  • B-Sides events provide networking opportunities for newcomers.
  • Cybersecurity Awareness Month is a time for reflection and improvement.
  • The rise of AI in social engineering poses new challenges.
  • Community-driven events like B-Sides foster collaboration and learning.

Chapters

  • 00:00 Introduction to Security by Default Podcast
  • 01:59 Understanding BSides Events
  • 05:57 Current Trends in Identity Threats
  • 11:50 The Evolution of Authentication Methods
  • 14:57 The Rise of InfoStealer Malware
  • 18:52 AI's Role in Cybersecurity Threats
  • 21:13 AI in Cybersecurity: Defensive and Offensive Perspectives
  • 24:36 The Role of APIs and Observers in Cybersecurity
  • 26:06 Best Practices for Securing AI in Organizations
  • 31:04 BSides Porto: Community and Event Insights
  • 39:06 Future BSides: Expanding to Porto Alegre

Resources:

https://www.linkedin.com/in/filipipires/

https://segura.security/

https://www.instagram.com/filipipires.sec/

https://segura.security/events/filipi-pires

https://www.linkedin.com/showcase/identity-threat-labs/about/

https://labs.segura.blog/


About Segura®

Segura® is an Identity Security Platform built to help organizations secure privileged access, detect identity threats, and respond rapidly to attacks targeting human and machine identities.


Designed for hybrid and high-risk environments, Segura delivers identity threat detection and response (ITDR), secure remote access, and privileged session protection — ensuring that only verified users, devices, and applications can access critical systems.


From infrastructure and servers to cloud platforms and the supply chain, Segura provides unified visibility and control across every identity interaction. By combining advanced analytics, behavioural detection, and Zero Trust access principles, Segura empowers companies to prevent credential misuse, lateral movement, and privilege escalation before damage occurs.

Next Episode All Episodes Previous Episode

Listen for free

Show artwork for Security by Default

About the Podcast

Security by Default
Security by Default is a cybersecurity podcast hosted by Joseph Carson, a renowned ethical hacker and security expert. Each episode dives into the latest security trends.
Security by Default is a cybersecurity podcast hosted by Joseph Carson, a renowned ethical hacker and security expert. Each episode dives into the latest security trends, real-world threats, and practical advice for staying safe in the digital world. With insightful interviews and clear explanations, Joseph makes complex topics accessible for both IT professionals and curious listeners alike.

About your host

Profile picture for Joseph Carson

Joseph Carson

I am a distinguished cybersecurity professional with over 30 years of experience in enterprise security and infrastructure.

Throughout my career, I have been an active contributor to the cybersecurity community, serving as an educator, ethical hacker, and speaker at global conferences. I hold both the Certified Information Systems Security Professional (CISSP) and Offensive Security Certified Professional (OSCP) certifications as well as advise various governments, critical infrastructure organizations, and industries such as finance and transportation on cybersecurity matters.
I am the author of "Cybersecurity for Dummies," a book that has gained global recognition for helping companies integrate people, processes, and technology to strengthen their defense against cyberattacks. The book has over 50,000 readers worldwide and provides a straightforward approach to understanding cybersecurity.

In addition to my writing, I have authored numerous articles and research papers, contributing to publications such as The Wall Street Journal, USA Today, Dark Reading, and CSO Magazine. I also host the bi-weekly podcast "Security by Default" which offers insights from leading cybersecurity experts and discusses best practices for navigating security challenges.
I am dedicated to educating the next generation of cybersecurity leaders and his commitment to building a safer internet have made him a respected figure in the cybersecurity community.