David Bombal

País Estados Unidos

Géneros Technology

Idioma EN

Episodios 500

Último 22.05.2026

David Bombal is a podcast about IT topics including Python, ethical hacking, networking, network automation, CCNA, and virtualization. The host shares technical, detailed content with new episodes every week. The show aims to help listeners advance their careers in IT.

Episodios

#577: My Dream "home lab" 22.05.2026 28m

Join me for an exclusive, behind-the-scenes tour of Cisco's purpose-built $20 million AI data center lab in San Jose. AI is revolutionizing the tech industry, but running massive 10,000 GPU clusters can cost up to $175 million a year—and a mere 5% network bottleneck can flush $8 million down the drain. In this video, we break down the hardware, software, and networking topologies required to build, secure, and scale massive AI data centers. I sit down with Cisco engineers to explore scale-up domains with NVIDIA H200 and AMD MI350X servers, scale-out rail-optimized topologies, and the massive Cisco Silicon One G300 ASIC delivering 102.4 Terabits per second with innovative liquid cooling. We also dive into the Ethernet vs. InfiniBand debate for scaling to 100,000 GPUs, the power of Linear Pluggable Optics (LPO) to reduce power draw, and how Cisco used AI to safely refactor 500,000 lines of legacy code. Whether you are building an AI network today or upgrading your engineering skills for the future, this is video can help you learn. Big thanks to Cisco for sponsoring my trip to Cisco Data Center and Operational Control Center in San Jose. // Will Eatherton SOCIAL // LinkedIn: / willeatherton Newsroom: https://newsroom.cisco.com/c/r/newsro... // Rakesh Kumar SOCIAL // LinkedIn: / rakesh-kumar-78559b // Richard Licon SOCIAL // LinkedIn: / rlicon75 // Ram Gandikota // LinkedIn: / ramgandikota // Faraz Taifehesmatian SOCIAL // LinkedIn: / faraztaifeh // YouTube video REFERENCE // • The 100Tbps AI Switch: Inside the Beast / David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - The power of AI data centers 0:51 - Cost and challenges of AI data centers 02:35 - How to connect GPUs in an AI cluster 05:23 - The future of data centers 08:45 - NeoCloud infrastructure in Australia 10:28 - The right components matter 16:32 - Testing to avoid failures 21:43 - Ethernet vs InfiniBand 23:27 - Cisco security services 26:14 - Future of speeds in the data center 27:23 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #ai #network #datacenter
#576: How to track dark ships using OSINT (with demos) 23.04.2026 49m

Big thank you to DeleteMe for sponsoring this video. Use my link https://joindeleteme.com/Bombal to receive a 20% discount or use the QR Code in the video. In this OSINT deep dive, professional OSINT analyst Ray Baker joins David Bombal to explore the shadowy world of maritime cybersecurity and vessel tracking. Discover the critical differences between the dark fleet and shadow fleet, and learn the exact open-source intelligence methods used to track ships attempting to hide their identities on the open ocean. From manipulating AIS tracking data and repainting ship decks to the terrifying reality of hacking Chinese-made port cranes, this video uncovers the hidden cyber threats facing global supply chains. We also explore the tools used by professionals, such as MarineTraffic and Equasis, to investigate illicit maritime activities and track adversarial movements. // Rae Baker’s SOCIAL // Website: https://www.raebaker.net/ LinkedIn: / raebakerosint X: https://x.com/wondersmith_rae // Amazon Books REFERENCE // Deep Dive: Exploring the Real-world Value of Open Source Intelligence US: https://amzn.to/4mw8Swo UK: https://amzn.to/4t6uhhQ // Website REFERENCE // https://www.marinetraffic.com/en/ais/... https://home.treasury.gov/ https://tankertrackers.com/ // Video REFERENCE // Deep Dive into OSINT: • Deep Dive OSINT (Hacking, Shodan and more!) // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:52 - Intro 01:25 - About Deep Dive 03:15 - Sponsor 04:14 - Opinions on AI 06:20 - About Rae 07:41 - What are Dark Fleets? 10:04 - Automatic Identification Systems 14:42 - TankerTrackers.com 16:03 - MarineTraffic.com 21:50 - Info to be Gained from Ports 23:05 - Dark vs Shadow 26:43 - Extrapolating Ship Information 30:07 - Relevancy Of Ships to Cybersecurity 32:23 - Implications of Cyber Threats 34:41 - SHODAN.io 37:31 - Why is Maritime OSINT important? 40:02 - Commercial Reasons for OSINT 43:15 - How to Track Ships When They Go Dark 45:19 - Where to Learn More 49:30 - Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #osint #iran #cybersecurity
#575: AI attackers are winning. Here is the SECRET to survive. 14.04.2026 1h

Are AI attackers winning the cybersecurity war? In this video, I sit down with Daniel Miessler, a 25-year security veteran, to discuss the terrifying reality of AI-driven cyber attacks and the massive advantage hackers have today. But it is not all doom and gloom. Daniel introduces his open-source project, PAI (Personal AI Infrastructure), demonstrating how you can build a customized, local AI assistant to automate your workflow, defend your data, and level up your tech skills. We cover everything from AI agents conducting prompt injection CTFs (like Gandalf) in real-time, to the future of work and why the ultimate goal of many corporations is zero human employees. Whether you are worried about AI replacing your job or you want to learn how to leverage local LLMs, Linux, and agentic AI to become an unstoppable force, this conversation is your blueprint for surviving and thriving in the 2026 tech landscape. Go here to get PAI for free: https://github.com/danielmiessler/Per... // Daniel’s SOCIAL // Twitter/X: / danielmiessler Website: https://danielmiessler.com/ GitHub: https://github.com/danielmiessler LinkedIn: / danielmiessler YouTube: / @unsupervised-learning / David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 01:05 - Introduction 02:06 - Daniel’s Background & His Predictions of The Future of AI 05:52 - How Attackers use AI 08:40 - Open Source SSL Vulnerability 10:20 - Helping Businesses Scale using AI 12:48 - Personal AI Infrastructure (PAI) 15:54 - Empowering People To Believe in Themselves 17:34 - Demo (PAI) 31:12 - Examples of Using (PAI) for Automating Your Life 34:13 - The Real Internet Of Things Concept 37:39 - What Happens To Security & Privacy with Personalised AI 42:43 - Running AI Locally For Privacy & Security Reasons 44:44 - What Does AI Mean for Humans & Their Future 50:00 - The AI Hype, Real or Fake ? 56:01 - Will Universal basic Income be a Reality In the Future ? 59:10 - The Advantages of AI 01:00:23 - Outro & Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #ai #anthropic #mythos
#574: Hacking Windows Active Directory in 10 minutes 14.04.2026 25m

Thank you ThreatLocker for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal // Spencer Alessi’s SOCIAL // YouTube: / @techspence Website: https://spenceralessi.com/adsecuritykit/ X: https://x.com/techspence LinkedIn: / spenceralessi Swag: https://www.etsy.com/shop/ethicalthre... // ThreatLocker’s SOCIAL // LinkedIn: https://www.linkedin.com/company/thre... X: https://x.com/threatlocker Instagram: / threatlocker Website: https://www.threatlocker.com/ / David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming up 0:54 - Spencer Alessi introduction & background 02:20 - Pentesting demo // Active Directory 03:34 - Control paths // Finding bad permissions with ADeleg 06:04 - Finding bad permissions with NetTools 06:52 - The most common issue 08:15 - Certificate abuse 12:20 - Quick recap 12:30 - Certificate abuse continued 15:10 - Pentesting summary 15:09 - How to become a pentester 18:48 - Recommended certifications 20:54 - Advice for blue teamers 22:15 - Overcoming being an introvert // Soft skills vs tech skills 23:43 - Windows hacking in the real world 24:54 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #microsoft #windows11 #hacker
#573: WhatsApp Hackers for Hire on the Dark Web (Surprisingly cheap) 07.04.2026 27m

Thank you to ThreatLocker for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal // Colin Ellis’ SOCIAL // LinkedIn: / collinellis95 // ThreatLocker’s SOCIAL // LinkedIn: https://www.linkedin.com/company/thre... X: https://x.com/threatlocker Instagram: / threatlocker Website: https://www.threatlocker.com/ // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming up 01:00 - Intro 02:24 - Demo Start - Clear Net 03:37 - Tails and Tor 04:55 - Navigating the Dark Web 07:28 - Hire a Hacker 14:30 - Script Kitties and We The North 20:42 - Zero Trust World 21:46 - Ransomware Group Clop 23:35 - Digital Hygiene 27:17 - Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #darkweb #hacking #tor
#572: How Cisco Protects AI Agents in Modern Data Centers 31.03.2026 14m

Big thanks to Cisco for sponsoring this video and sponsoring my trip to Cisco Live Amsterdam 2026. Join David as he sits down with Cisco's Dave West (SVP, Global Specialists), to unpack the technical reality behind the OneCisco platform. Dive deep into how Cisco is transitioning from traditional networking into a platform-centric powerhouse that seamlessly integrates secure networking, AI, and cybersecurity. This discussion explores the convergence of networking and security through the Splunk acquisition, the infrastructure of AI-ready data centers powered by NVIDIA's Spectrum X and NVLink, and the rollout of agentic operations. Discover how micro-segmentation, Zero Trust access, and hybrid cloud solutions are solving the complexities of modern, distributed workforces. Whether you are managing on-premise infrastructure, hybrid environments, or preparing your network for the AI revolution, this deep dive covers the essential reference architectures and visibility tools you need to secure your enterprise. // Dave West’s SOCIAL // LinkedIn: / dave-west1 // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:14 - Introduction 01:07 - Cisco as a Platform Company 02:26 - Interest in AI 03:14 - Cybersecurity Today 04:18 - What is One Cisco? 08:27 - The Workplaces of Tomorrow 09:58 - Secure Networking as the Foundation 12:38 - The Complexity of Secure Networking 13:46 - A Journey of One Cisco 14:23 - Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #cisco #onecisco #ai
#571: Google Big Sleep: The End of Human Hackers? 31.03.2026 1h 8m

Big thank you to DeleteMe for sponsoring this video. Use my link http://jointdeleteme.com/Bombal to receive a 20% discount or use the QR code in the video. Welcome back to the channel! In this deep dive, Stephen returns to break down the rapidly evolving landscape of AI in cybersecurity. We explore the critical differences between offensive AI (using AI to enhance attacks) and adversarial AI (attacking the AI models themselves). Learn the mechanics behind prompt injection, LLM jailbreaking, and how vector databases are structured. We also analyze real-world case studies, including Google Project Zero's Big Sleep autonomous zero-day agent, and demonstrate how new AI-driven tools are being used for patch diffing and root cause analysis. Finally, we tackle the massive industry question: will AI replace human penetration testers, and what steps should you take right now to futureproof your tech career? Plus, a quick look at how automated agents are tackling API vulnerabilities like BOLA. // Stephen's Social // Twitter: / steph3nsims YouTube: / @offbyonesecurity Discord: / discord // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 01:10 - DeleteMe Ad 02:29 - Intro 03:25 - About Stephen 06:10 - AI Explained 09:45 - Why You Should Study AI 13:04 - The Different AI Defined 22:10 - Vector Databases 24:05 - How Are Red Teamers Using AI 28:47 - Where Red Teamers Can Practice 34:10 - How Chatbots Work 36:14 - AI's Affect on Companies / Jobs 42:51 - What AI Can't Do 44:33 - Exploit Mitigation 48:47 - AI Hallucinations 56:01 - Web Apps and API's 59:46 - AI-Powered Products 59:18 - Demo Begins 01:03:01 - Final Thoughts 01:06:23 - Where To Learn 01:08:01 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #ai #aihacking #artificalintelligence
#570: 100 Terabit Smart Switches: What You Need to Know 31.03.2026 36m

Thank you to Cisco for sponsoring my trip to the Cisco AI Lab in San Jose. In this deep dive into the future of data center networking, we sit down to explore the massive shifts happening in AI infrastructure. We discuss the rollout of new 100 terabit smart switches and firewalls powered by the Cisco Silicon One G300 chip, alongside the highly anticipated NVIDIA Spectrum 6. Discover the critical debate between Ethernet and InfiniBand for scaling AI clusters, the complexities of co-packaged optics (CPO) versus linear packaged optics (LPO), and how agentic AI and tools like Claude are revolutionizing legacy C code refactoring. From managing data center power constraints to enforcing security policies directly on DPUs, this conversation covers the hardware and software transformations you need to know to stay ahead in network engineering. // Will Eatherton SOCIAL // LinkedIn: / willeatherton Newsroom: https://newsroom.cisco.com/c/r/newsro... // YouTube video REFERENCE // • The 100Tbps AI Switch: Inside the Beast • Did Ethernet Just Win? Cisco’s 100Tbps AI ... // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:42 - Introduction 01:05 - Recap of Announcements from Cisco Live 03:19 - 1.6 Terabyts Client Optics 04:27 - Hyperscalers and Neo-Clouds 05:13 - Cisco and Nvidia working together 05:39 - Scale Across 06:43 - Announcements from Nvidia GTC 2026 09:15 - Firewalls and AI Clusters 10:36 - The Future, Growth and Innovation 11:53 - Why have a Cisco Switch and a Nvidia Switch? 14:33 - Operating Systems on the Switches 16:42 - Infiniband vs Ethernet in the Data Centre 17:52 - Other Announcements from GTC 19:35 - Concerns around Data Centres 21:22 - Agentic AI in Data Centres 22:44 - Evolution of Soltware in Data Centres 25:07 - The Future of Vibe Coding 29:13 - Updates In the Routing Circles 30:43 - Open Source AI 32:11 - A view into the Future 35:14 - Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #cisco #nvidia #agenticai
#568: 5-Minute Cyber Hacks Everyone Should Know (2026) 31.03.2026 36m

Big thank you to ThreatLocker for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal Forget hot glue and paper clips. Here are 7 REAL 5-minute cybersecurity hacks everyone should know in 2026. Recorded live at Zero Trust World (ZTW26), David Bombal and a team of hackers demonstrate actual cyber attacks and how quickly your systems can be compromised. From forcing AI prompt injections to steal credentials, to hiding C2 servers in plain sight on a Steam profile, these are the real-world exploits threat actors are using right now. We're diving into the technical weeds to show you Windows LNK shortcut hijacking, Linux privilege escalation via sudo misconfigurations, and how to protect yourself from these exact attacks. // Guests’ SOCIAL // Alex Benton: Rename StickyKeys / alex-benton-b805065 Kenneth Walker: Everthing is a C2 / kenneth-walker-527595109 Jacob Meyer: Shortcut Hijack / jacob-meyer-165b8359 David Smith: Alternate Data Streams / david-smith-sudo-wrestler Karla Abarca: The validity of an application before execution / karlaabarcacyber Ramsey Shaban: Prompt Injection / ramsey-shaban-390335205 Tillman Hall Powershell Fake Logon / tillmanhall Rayton Li: Rooting Around Linux: Privilege Escalations / rayton-li Kieran Human: Network Hash Stealing / kieran-human-5495ab170 // ThreatLocker’s SOCIAL // LinkedIn: https://www.linkedin.com/company/thre... X: https://x.com/threatlocker Instagram: / threatlocker Website: https://www.threatlocker.com/ // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:59 - Intro 01:20 - ThreatLocker Sponsor 01:36 - Demo 1: Sticky Keys 04:20 - Demo 2: Steam-Based C2 Attack 09:25 - Demo 3: Shortcut Hijacking 13:32 - Demo 4: Hidden Malware in Alternate Data Streams 20:18 - Demo 5: Safe App Validation (3-Step Check) 24:39 - AI Prompt Injection Attack 28:45 - Demo 6: Linux Privilege Escalation (Sudo Abuse) 34:10 - Demo 7: Credential Theft & Hash Cracking 36:38 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #5minutehacks #hacking #redteaming
#569: Why Vibe Hacking Is a Big Cybersecurity Threat in 2026 30.03.2026 1h 15m

Big thank you to Radware for sponsoring this video. Download the Radware Global Threat Analysis Report 2026 here: https://www.radware.com/threat-analys... In this interview, David Bombal sits down with Radware's Pascal Geenens to unpack the realities of the latest global threat report. The cybersecurity landscape has experienced a major paradigm shift: the era of "Vibe Hacking" is here. Pascal explains how Agentic AI, the Model Context Protocol (MCP), and uncensored offline models (like DeepSeek-R1) have created a "digital garden of Eden" for adversaries. Discover how novice script kiddies are now use the power of AI hacking which once strictly reserved for nation-state actors. We dive deep into the automation of cyber attacks, the rise of AI-driven tools like Xantarox AI, the critical dangers of AI-generated code vulnerabilities, and why traditional defense mechanisms are struggling to keep up with non-deterministic AI threats. // Pascal Geenens’ SOCIAL // LinkedIn: / Website: https://www.radware.com/ // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming up 01:20 - 2026 Global Threat Analysis Report // The future of cyber attacks 04:19 - AI threats & threat actors 09:21 - Threat Report cover page explained 15:31 - Vibe hacking 23:09 - Hackers using AI 30:28 - The rise of DDoS attacks 40:40 - AI & vulnerable APIs 53:58 - Getting easier with the help of AI 55:57 - Zero-click indirect prompt injection 01:13:33 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #radware #vibehacking #ddos
#567: Why Power Is Becoming a Major Problem for AI in 2026 28.03.2026 19m

Big thanks to Cisco for sponsoring this video and sponsoring my trip to Cisco Live Amsterdam 2026. In this deep dive, Cisco’s Head of Corporate Strategy, Nathan Jokel, joins David Bombal to unpack the future of AI data centers and the groundbreaking Cisco and NVIDIA partnership. Discover how 1.6T networking speeds and the new 100T G300 silicon are solving massive infrastructure bottlenecks to keep GPUs running at full capacity. We explore the critical role of network security in the AI era, detailing the Splunk acquisition, HyperShield, and eBPF technology. Plus, get an insider's look at the looming power constraints facing data centers in 2025, and how Cisco is preparing for the future with post-quantum cryptography and distributed quantum networking. // Nathan Jokel’s SOCIAL // LinkedIn: / nathanjokel // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 01:29 - Intro 02:20 - Demo Overview 03:57 - Demo Begins 09:35 - Adding Guardrails 11:45 - Secure Workloads 14:30 - Segmentation Workflow 18:33 - Overviewing Finance App 21:02 - Encrypted Visibility Engine 24:34 - Firewall Observability and Control 25:44 - Ant's Advice For The Youth 26:40 - How to Learn Hybrid Mesh Firewall 28:16 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only.
#566: Stop buying AI security tools until you watch this 25.03.2026 26m

Thank you to ThreatLocker for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal AI isn't the magic cybersecurity cure the industry wants you to believe it is Danny Jenkins tells us in this interview. He cuts through the marketing hype and explains why relying solely on AI to block attacks is not a solution to all our cyber problems. We also discuss modern threats—including the rise of Agentic AI—and why determining the "intent" of software is practically impossible for artificial intelligence. Instead of chasing the latest buzzwords, learn the foundational, proven strategies to actually secure your network. We dive deep into Zero Trust Network Access (ZTNA), the power of default deny, and the specific, tangible controls you need to block ransomware, prevent Office 365 phishing, and stop bad actors. Whether you're an IT admin, SOC analyst, or CISO, this video outlines exactly what you should be doing instead of just buying another AI tool // Danny Jenkins’ SOCIAL // LinkedIn: / dannyjenkinscyber // ThreatLocker’s SOCIAL // LinkedIn: https://www.linkedin.com/company/thre... X: https://x.com/threatlocker Instagram: / threatlocker Website: https://www.threatlocker.com/ // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:36 - Introduction 01:01 - Solving Problems with AI and Security 03:14 - Concerns with Agentic AI 08:01 - ThreatLocker AI Products 09:20 - AI vs AI and Security 11:34 - Vibe Coding in Industry 14:42 - Ways for Companies to Stop Hacks 19:29 - Deny by Default vs AI 20:29 - Industry reaction to Deny by Default 22:10 - About ThreatLocker 23:19 - Announcements from ZTW26 25:22 - The Growth of Threatlocker 26:12 - Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #cybersecurity #ai #hack
#565: Stop the AI Hype: What Enterprise Teams Are Really Building 25.03.2026 30m

Big thanks to Cisco for sponsoring this video and sponsoring my trip to Cisco Live Amsterdam 2026. In this deep dive, David Bombal sits down with Carlos Pereira (Cisco Fellow & Chief Architect, Customer Experience) to discuss the hard truth about AI deployment in 2025 and 2026. While the world is focused on B2C chatbots, Carlos explains why the real value lies in Agentic AI systems that don't just talk, but actually execute B2B workflows. We explore the "Year of Evals," where the industry is finally grappling with the struggle of probabilistic vs. deterministic logic, and how to secure these systems from the ground up rather than as an afterthought. Carlos also reveals his exact framework for identifying AI ROI, sharing a case study of a customer who narrowed 412 potential use cases down to just 5 proven implementations. // Carlos Pereira’s SOCIAL // LinkedIn: / capereir /// David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming up 0:55 - Carlos Pereira introduction & background 01:41 - AI in enterprises // What's happening? 04:18 - "Don't follow the hype" 08:37 - AI & Agentic AI evaluations 15:40 - Input guard explained 17:44 - AI adoption // AI native workflows 22:13 - Security in AI 25:52 - The year of AI/Agentic AI workflows 28:37 - Securing AI/Agentic AI // Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #cisco #agenticai #ai
#564: Hackers can bypass Your MFA In 2026 (And How To Stop It) 23.03.2026 38m

Thank you to ThreatLocker for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal Are your passwords and 2FA enough to stop a modern cyber attack? In this interview, Rob from ThreatLocker breaks down the dangerous reality of password reuse, SIM swapping, and why traditional SMS MFA is no longer bulletproof. We dive deep into how threat actors use reverse proxies like Evilginx to steal session cookies, allowing them to bypass multi-factor authentication and hijack your accounts without ever needing your password. Discover why relying on legacy VPNs and leaving firewall ports open to the internet massively increases your attack surface, leaving your organization just one brute-force attack away from ransomware. Finally, we explore the mechanics of ThreatLocker’s Zero Trust Network Access and Cloud Access, detailing how denying by default and routing through secure proxies can lock down Microsoft 365 and make your internal network effectively invisible to hackers. // Rob Allen’s SOCIAL // LinkedIn: / threatlockerrob X: https://x.com/threatlockerrob // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming up 0:57 - What is 2FA/MFA and why is it important? 02:54 - Reusing passwords 04:38 - Malicious Chrome extensions 05:39 - Average person vs cybersecurity 12:18 - SMS 2FA 13:37 - Authenticator apps 16:26 - Yubikeys 17:58 - No one is "unhackable" 21:52 - "Cookie stealing" explained 22:53 - ThrearLocker's new tool/solution 28:22 - How ThreatLocker protects Office365 29:06 - ThreatLocker protecting organizations 33:11 - Should I trust ThreatLocker? 35:54 - How safe is ThreatLocker? 38:00 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #cybersecurity #hacker #hack
#563: Securing LLMs and fighting Prompt Injection with Algorithmic Red Teaming 23.03.2026 33m

Thank you to Cisco for sponsoring this video and sponsoring my trip to Cisco Live Amsterdam 2026. In this interview, Cisco VP Rick Miles breaks down the evolution of the firewall, the massive hardware leap of the 6100 series, and how AI agents and eBPF are completely reshaping the industry. Whether you're trying to secure AI models against prompt injection or wondering if AI will replace your networking job by 2030, this is the technical reality check every engineer needs to hear right now. Has the role of the traditional firewall changed? Rick Miles, VP of Product at Cisco, joins David Bombal at Cisco Live EMEA to reveal the massive architectural shift from static "firewalls" to dynamic "firewalling." This deep-dive interview covers the incredible specs of the new Cisco Secure Firewall 6100 series—boasting 80% less space, 60% less power, and up to 8 Terabits of clustered throughput in a 2RU form factor. We also explore how eBPF is revolutionizing deep visibility and virtual patching directly at the application layer, moving security beyond the edge. But hardware is only half the story. We also break down the new "Wild West" of AI cybersecurity. Learn how to secure the network against prompt injection, poisoned AI models, and unsecured Model Context Protocols (MCP). Finally, Rick shares his vision for 2030: "Agentic" security. Will AI agents replace network engineers, or will they become the ultimate force multiplier for your career? // Rick Miles’ SOCIAL // LinkedIn: / rcmiles09 // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:19 - Introduction 01:17 - Are Firewalls Dead? 04:18 - Cisco and Firewalls 08:30 - Hyperscalers vs Neo-Clouds vs Enterprises 10:46 - EBPF and Switches as Firewalls 14:32 - Managing your Hybrid Mesh Firewall 16:20 - Cisco’s Compatibility with other Firewalls 17:40 - Identity within Systems 19:05 - More on Hybrid Mesh Firewall 19:53 - Model Context Protocol and Security 23:57 - The Future of “Firewalling” 25:15 - The Effect of Agentic AI 26:57 - Will AI take all our Jobs? 27:56 - Should you get into Cyber Security? 28:48 - Cool Story about Firewall 30:30 - Talk to your Younger Self 32:32 - Does AI give Advantage to Attackers? 33:09 - Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #firewall #cisco #cybersecurity
#562: Warning and demo: It's possible to Prompt Engineer Malware 23.03.2026 9m

Big thanks to ‪@ThreatLocker‬ for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal Discover how easily hackers prompt engineer malware in 2026. Kieran Human from ThreatLocker demonstrates bypassing Microsoft Copilot guardrails to write PowerShell ransomware. // Kieran Human’s SOCIAL // LinkedIn: / kieran-human-5495ab170 // GitHub page REFERENCE // https://github.com/ztwAdmin/ZTW-2026 // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:17 - Intro 01:00 - Demo 01:37 - Sponsored by Threatlocker 01:55 - Demo continued 07:38 - Where to Find these Tools 08:38 - Disclaimer 09:33 - Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #threatlocker #copilot #locallm
#561: Why 1 small network FAIL breaks your massive 2026 AI job 18.03.2026 30m

Big thanks to Cisco for sponsoring this video and sponsoring my trip to Cisco Live Amsterdam 2026. The AI revolution is putting unprecedented strain on global network architectures. In this exclusive deep dive with networking leaders from Cisco and NTT, we break down the critical infrastructure challenges and hardware innovations shaping 2026. Discover how emerging NeoClouds are competing with traditional hyperscalers to deliver dedicated GPU clusters, and why a single non-blocking network failure can bring an entire AI deployment to a grinding halt. We explore the reality of deploying agentic AI across enterprise networks, the vital role of international data sovereignty, and the extreme power demands driving the shift toward liquid-cooled data centers and innovations like the Cisco Silicon One G300 Chip. We also dive into the future of physical AI at the edge, where robotics and autonomous systems demand ultra-low latency inferencing. For IT professionals and network engineers, the stakes have never been higher. Learn the proven skills you need to stay relevant in 2026, from mastering zero-trust AI network security and observability with Splunk to managing predictive networking autonomously. Finally, get a sneak peek into the spooky future of post-quantum cryptography and what it means for the next generation of cybersecurity. // Gary Middleton’s SOCIAL // LinkedIn: / middletongary // Hendrik Blokhuis’ SOCIAL // LinkedIn: / hendrik-blokhuis-886a8910 // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:30 - Introduction 01:48 - NeoClouds and the Importance of Networking 02:52 - Data Sovereignty 04:47 - Challenges faced for Data Centres 07:31 - Electricity and Data Centres 09:18 - Technical Problems and Cisco’s Solutions 12:41 - Lack of Skills in the Industry 13:21 - Is it still Worth Getting into Cyber today? 15:44 - Security of AI and Trusting your AI 18:06 - NTT Data and Cisco Partnership 20:01 - Who is Buying and Deploying this New Tech 21:52 - Could Agentic AI help solve Problems 23:46 - Customer Feedback on Agentic AI 24:57 - Physical AI is the Next Step in AI 25:58 - The Future of AI and Networking 28:05 - Post Quantum Cryptography 28:57 - Advice for Young People today 30:17 - Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #ntt #agenticai #postquantum
#560: The one BIG mistake you are making with DNS security today 18.03.2026 58m

Big thank you to Infoblox for sponsoring this video. To learn more about Infoblox please visit: https://www.infoblox.com/ Do you know the difference between encrypted DNS and secure DNS? DNS veteran Cricket Liu, author of DNS and Bind, joins David Bombal to break down common misconceptions, explain the crucial distinction between security and privacy; and outline a massive update to the NIST Secure DNS Deployment Guide (SP 800-81). If you run a network, you cannot afford to ignore this control point. Detailed Breakdown: DNS is the Achilles' heel of internet infrastructure. While newer protocols like DNS over HTTPS (DoH) and DNS over TLS (DoT) solve the cleartext privacy problem, they do not stop malware, phishing, or data exfiltration. In fact, attackers are now using encrypted DNS against us. In this deep-dive interview, Cricket Liu explains how DNS security must evolve beyond simple encryption to include Protective DNS (PDNS) using Response Policy Zones (RPZ). Learn how to turn your existing DNS infrastructure into a low-cost, high-efficiency control point that blocks malicious C2 rendezvous, phishing links, and DNS tunneling automatically. We also tackle the DNSSEC confusion head-on. Cricket clarifies exactly why DNSSEC is about validation and integrity, not encryption, and discusses the looming threat of quantum computing on modern cryptographic standards. Finally, we discuss real-world attack vectors, including a wild story about a dangling CNAME record on CDC.gov that was hijacked to game search engine rankings, and how the updated NIST guide shifts focus from just network administrators to security practitioners. // Links to documents // NIST SP 800-81: https://nvlpubs.nist.gov/nistpubs/Spe... Inflox Q&A on NIST SP 800-81: https://www.infoblox.com/blog/securit... // Cricket Liu’s SOCIAL // LinkedIn: / cricketliu // Renee Burton’s SOCIAL // LinkedIn: / ren%c3%a9e-burton-b7161110b Blog Posts: https://www.infoblox.com/blog/author/... // Infoblox SOCIAL // LinkedIn: / infoblox Website: https://www.infoblox.com/ // Books by Cricket // DNS on Windows Server 2003: Mastering the Domain Name US: https://amzn.to/4byNAtQ UK: https://amzn.to/4rjqgoz DNS & BIND Cookbook: Solutions & Examples for System Administrators 1st Edition US: https://amzn.to/40iZPob UK: https://amzn.to/3Nk2MBM DNS and BIND on IPv6: DNS for the Next-Generation Internet 1st Edition US: https://amzn.to/3MXly1Y UK: https://amzn.to/4s2SFRe Learning CoreDNS: Configuring DNS for Cloud Native Environments 1st Edition US: https://amzn.to/4sC4GwS UK: https://amzn.to/4ro0T59 DNS & Bind 4th Edition: US: https://amzn.to/4s8WaWm UK: https://amzn.to/4sztLbB // Website REFERENCE // Nist: https://www.nist.gov/ Secure Domain Name System Deployment Guide: https://www.nist.gov/news-events/news... // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #dns #dnssec #cybersecurity
#559: How Splunk unlocks the Agentic AI transition in 2026 16.03.2026 18m

In this exclusive interview, Kamal Hathi reveals how the new Cisco Data Fabric and Splunk Machine GPT are unlocking agentic AI for cybersecurity. Discover the future of SOC analysts and network telemetry in 2026! Big thanks to Cisco for sponsoring this video and sponsoring my trip to Cisco Live Amsterdam 2026. // Kamal Hathi’s’ SOCIAL // LinkedIn: / kamal-hathi // Website REFERENCE // https://www.splunk.com/ / David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming up 0:36 - Kamal Hathi introduction and machine gpt update 03:36 - Splunk and machine data 05:47 - Resources to learn Splunk 06:48 - Cisco Time Series Model on Hugging Face 07:50 - Cisco Data Fabric explained 09:37 - Updates in 2026 15:51 - Cisco & Splunk 17:50 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #cisco #splunk #ciscolive
#558: Top 4 Web hacking demos for aspiring hackers (with labs and CTF) 16.03.2026 25m

Big thanks to ‪@ThreatLocker‬ for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal Are you looking to get into bug bounty hunting but feel overwhelmed or worried the field is oversaturated? In this video, full-time bug bounty hunter Justin Gardner shares a realistic, actionable guide to web hacking for beginners. We dive straight into the practical side with five live demonstrations of common web vulnerabilities—all done using just your browser and DevTools. Justin explains how Insecure Direct Object Reference (IDOR), Broken Access Controls, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF) work in the real world, including stories of finding these exact bugs on major platforms like Google. After the demos, we tackle the biggest questions new hackers have: Is there still money to be made in 2026? How has AI changed the landscape? And what is the exact roadmap to landing your first bounty? Justin breaks down his "200-hour rule" for learning, why you need to get comfortable with failing, and the best resources (like HackerOne and PortSwigger) to help you launch your cybersecurity career today. // Labs and more here: // Labs: https://ztw.ctbb.show/ More labs: https://labs.cai.do/ And more labs: https://portswigger.net/web-security // Justin Gardner’s SOCIAL // YouTube: / @criticalthinkingpodcast LinkedIn: / rhynorater X: https://x.com/Rhynorater GitHub: https://rhynorater.github.io/aboutme/ / David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:40 - Introduction 01:50 - Getting Started in Bug Bounty 03:11 - Can I Make Money in Bug Bounty? 04:11 - Demo 1 06:55 - Demo 2 08:47 - Lessons for Upcoming Hackers 10:09 - Demo 3 13:49 - Are There Demos on Justin’s Podcast? 14:20 - Demo 4 18:11 - Real-Life Date of Birth Vulnerability 19:13 - Advice on Becoming a Hacker Like Justin 20:20 - What & Where to Study to Become a Bug Bounty Hacker 21:49 - How Long Does It Take? 25:07 - Outro & Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #webhacking #bugbounty #hack