Can I find privacy violations with Shodan? What companies are using hackable unpatched scada systems that are misconfigured? Can we find osint on a company that has government contracts but is not secure? Why is phishing training still a multi-billion dollar business when a variety of reports indicate that the numbers for that "defense" don't justify that expense? Is the government really as secure as we think they are? What about finding illegal violations of compliance mandates in ics systems? Isn't breaking the law a bad thing? Those questions and more on this podcast!