What we cover
Social engineering, phishing, business email compromise, and the human side of major breaches and advanced-persistent-threat campaigns. Facts and story, never clickbait. If a headline can only be made interesting by overstating it, we do not run it.
How we research and source
Each story is built from primary sources first: the affected organization's own disclosures, government and CERT advisories, court and regulatory filings, and the original security-vendor research. Where reporting conflicts, we say so. Where something is not yet confirmed, we label it as unconfirmed rather than imply certainty. Key claims in each episode link back to their sources.
AI assistance, human judgment
We are open about how the show is made. Scripts are drafted with AI assistance and then edited by a human who researches each story and checks it against primary sources; narration uses a synthetic voice and some visuals are AI-generated. A person is responsible for every published claim. Episodes are flagged as containing synthetic media where the platform supports it.
Corrections
If we get something wrong, we fix it and say what changed. Email threatlevelhuman@gmail.com with a correction and a source and we will review it. Substantive corrections are noted on the affected episode or post.
The mark
Our logo is a faceless figure. That is deliberate: in a social-engineering attack the person on the other end could be anyone, so the face is left blank. It is a reminder, not a mascot, that the human element is the attack surface, and the defense is to slow down when a message is built to make you act fast.