Your browser is your new endpoint—and it’s vulnerable. In this episode, I speak with Audrey Adeline, Security Researcher at SquareX and co-author of the Browser Security Field Manual. Audrey walks us through why browser security is a rising concern, how current architectures fall short, and what her research team is doing to uncover novel browser-based threats.
We talk about her unconventional journey from VC to cyber researcher, the process of writing the field manual, and how SquareX tackles browser threats with tools far beyond Chrome’s own protections.
We also dive into:
Real-world attacks like polymorphic extensions and malicious OAuth apps
How even trusted extensions can be weaponized
What “MV3 compliant” really means (and doesn’t)
Why architectural flaws are harder to fix than software bugs
How SquareX uses AI for extension behavior analysis
Her take on impactful research and communication in the security field
This is a rare deep-dive into browser-native risks from someone at the frontier of browser security.
In this thrilling episode of The Abhisek Cast, we explore the real-life world of physical penetration testing with one of the best in the field—FC aka Freakyclown, Cofounder of Cygenta Security.
From breaking into banks and data centers to sneaking past guards and security systems, FC shares what it takes to hack the physical world. He walks us through his early days in cybersecurity—before the internet as we know it—and explains why physical security is often the weakest link in an organization’s defense.
What makes this episode stand out is FC's ability to share deep insight through wild real-life stories—from bluffing his way into secure sites to planting covert devices inside phones.
We also talk about the founding of Cygenta, a company focused on holistic security: blending technical defenses, human behavior, and physical infrastructure into a single strategy.
If you’re in cybersecurity, red teaming, or just fascinated by the intersection of psychology and hacking, this one is for you.
In this thought-provoking episode, Abhisek talks with Anant Shrivastava, Founder of Cyfinoid Research, about the raw, unfiltered realities of security careers — from his early journey with Linux in 2000 to leading teams, building open-source tools, and mentoring the next generation of security professionals.
Anant offers a candid view on:
Whether certifications are worth it.
Why open source isn’t what it used to be — and that’s not necessarily bad.
The truth about CI/CD and DevSecOps pipelines.
What really goes on behind closed doors in conference CFP selections.
How students and professionals alike can build relevant skills with purpose.
We also touch on the role of AI in workflows, the importance of community support, and the enduring value of curiosity in learning.
Whether you’re a student, early-career professional, or seasoned expert — this episode will leave you with insights, clarity, and a sense of direction.
In this episode of The Abhisek Cast, we explore one of the most overlooked but highly targeted layers of modern cybersecurity: the browser.
Joining us is Dakshitaa Babu, a Security Researcher and Product Evangelist at SquareX, who brings a fresh and practical perspective on the evolving threat landscape inside browsers. She explains how attackers abuse browser functionality, why traditional security tools fall short, and how developers and defenders alike can better prepare.
If you’ve ever used browser extensions, clicked on an ad, or granted notification permissions, this episode is for you.
What we cover in this episode:
The browser as an active and often exploited attack surface
Real-world examples of browser-native ransomware and fileless attacks
The mechanics behind Browser-in-Browser (BiB) and fullscreen spoofing attacks
How browser extensions can misuse permissions and lead to data leaks
AI-related data exfiltration risks through third-party tools
The importance of secure-by-design thinking during development
Challenges of building custom enterprise browsers
Tips for aspiring researchers entering the browser security space
Observations from the field: misconfigurations, CVEs, and bypass techniques
Building a career in browser security and Dakshitaa’s experience at SquareX
About the Guest: Dakshitaa Babu is a Security Researcher and Product Evangelist at SquareX. With a background in analytics, venture capital, and data engineering, she brings a cross-disciplinary mindset to offensive research and browser-based defense. She actively contributes to building one of the industry’s first Browser Detection and Response (BDR) platforms, pushing boundaries in real-time web threat prevention.
This episode is packed with insights for developers, product teams, security professionals, and researchers who want to understand the future of browser threats and how to build resilience against them.
In the 3rd episode of The Abhisek Cast, I talk with Chris Rock—co-founder and CISO of SIEMonster, with more than 30 years of experience in cybersecurity. We explore why most companies still struggle with basic asset visibility, how to approach company mergers from a security perspective, and how a solid framework like ISO 27001 saves startups from painful mistakes. Chris also reflects on his experiences presenting at DEF CON, the importance of documenting security research thoroughly, and his personal hiring philosophy. A refreshing, no-BS conversation packed with lessons from the trenches.
Key points:
Most companies don’t know what assets they have, leading to major gaps
Auditing and pen testing are critical before merging orgs/domains
Startups need ISO, not just certifications for the sake of it
DEF CON is invaluable for learning and community
In hiring: honesty and initiative matter more than memorized answers
In Episode 2 of the Abhisek Cast, Jayesh Singh, CEO of Cloudurance Security, shares his journey from small-town "jugaad" to cybersecurity leadership. We explore founding Cloud Village, audits vs. pentests, startup security challenges, and the power of passion in building a career. Tune in for practical insights and inspiration to level up in cybersecurity!
In the very first episode of The Abhisek Cast, I chat with Louis Nyffenegger, CEO of PentesterLab. We talk about his personal journey, the rise of cybersecurity, the real value of learning over certifications, and how to build depth and resilience in this ever-changing field.
This is not a polished "success story"—it’s a real, honest take on learning, struggling, and growing with intention.
If you're passionate about cybersecurity or looking to go deeper into the field, this episode is for you.