Enterprise Security Weekly (Audio)

Interview with Evan Powell - Generative and agentic AI are improving cyberattacks faster than they're improving cyber defenses.
Offensive folks have been having the most luck with AI so far, which is further eroding any advantage defenders might have had. Evan Powell joins us to share some ideas on how defenders can get some benefits from AI as well, and why open source is important with this approach.
Topic
For this week's topic segment, we've got two very interesting data sources.
The first is Anthropic's first update on Project Glasswing, where they're absolutely tearing through codebases with ultra premium Mythos tokens, but then hitting a human-shaped bottleneck as they attempt to validate all the findings.
The second is the first report from Root Evidence, the latest startup from Jeremiah Grossman and Robert Hansen (aka RSnake), which aims to help organizations filter out all the vulnerabilities that don't matter.
Where these two reports meet in the middle is my concern that the use of AI to scour every last bug out of code is going to be the most Sisyphean task the cybersecurity industry has ever come up with (and we have some deep experience here).
The Weekly Enterprise News
Finally, in the enterprise security news,
Less funding, more acquisition
the AI SOC startup space is CROWDED
your CEO is suffering from AI psychosis
Some CISOs are done with the job, IT can have it
detecting and removing dangerous secrets from dev workstations
230,000 security advisories roll up to 6 attacker behaviors
The FBI's 2025 IC3 report is out
When tech billionaires make predictions, they're actually sales pitches
All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-461

Interview with Rob Allen from Threatlocker
This week, Rob Allen from Threatlocker is with us to discuss the importance of EDR and MDR visibility. We discuss some real world attacks and anecdotes where EDR was able to save the day when threats were missed by other controls.
Topic: Do the basics, they said. Easier said than done.
Guillaume and Adrian discuss the futility of attempting to do all the foundational work standards, best practices, and regulations expect of organizations. Adrian has given up. Fortunately, Guillaume has some excellent advice and hope to share on this front.
The weekly enterprise news
Finally, in the enterprise security news,
a really interesting vibe check
funding
acquisitions
the verizon DBIR
we give a tutorial on how to leak AWS keys on github
OH NEVERMIND, SOMEONE AT CISA ALREADY MADE THE TUTORIAL
agents versus agents
exploitbench
the vulnpocalypse
robot dogs are SO EASY to take out, we don't need to be too scared of them yet
All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-460

Interview with Dimitri Sirota from BigID
Most organizations think AI risk lives in the model – or the identity. It doesn't. It lives in the data. In this episode, BigID's CEO reframes the conversation: why legacy access controls are breaking down, why visibility into sensitive data is the missing foundation, and what it takes to govern humans and machines under a single, accountable framework.
Segment Resources:
BigID's Agent Access Management Guide
BigID's podcast, CTRL + ALT + AI
This Week's Topic: Cascading Breaches
We're seeing more and more 3rd and 4th party attacks that chain through multiple layers of compromised tools and services. In this topic segment, we discuss the two main aspects of this trend:
How we can stop the chain of breaches from a third party library, vendor, or service provider
How this might get handled at the legal, contractual, and organizational levels
We discuss two big recent examples:
Sonicwall's 2025 breach of their cloud firewall configuration backup service
The compromise of Aqua Security's widely used Trivy open source tool
The Weekly Enterprise News
Finally, in the enterprise security news,
Funding and M&A courtesy of the Security, Funded newsletter
We have evidence that attackers are leveraging AI now (this sounds like old news, but there was little to no evidence before, when people were claiming this)
The Angry admin problem emerges again
Vulnerability information is getting crazy to keep up with
Breach information is getting crazy to keep up with
You can give your Agents an allowance now - don't spend it all in one place
Are vulnerabilities sparse or dense?
Mythos, as a model, isn't all that special
Deploy your own deception sensors!
Japan made something weird. Again.
All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-459

The Weekly Enterprise News
This week, in the enterprise security news,
Copy Fail
The hits keep coming for CVE, NIST and NVD
Cyber attacks on breathalyzers
insurance carriers pulling support for AI
Florida Man pleads guilty
ignore the humanities at your own peril
offense and defense don't scale the same
is it okay to be left behind?
scientists gave cocaine to salmon
Mind the Gap: Confidence, AI, and the Future of Exposure Management
Former ethical hacker, now founder and CEO of Intruder, Chris Wallis explores whether AI can bridge the divide between finding vulnerabilities and understanding real-world attack context as exploit windows continue to shrink. This conversation dives into the structural "confidence gap" uncovered in Intruder's 2026 Security Middle Child Report, where executive risk appetite is increasingly decoupled from front-line operational reality.
Check out Intruder's Security Middle Child Report at https://securityweekly.com/intruderrsac.
Modern Phishing Attacks Are Under Multi-Channel Siege
Recently, there has been a shift in cybercriminals' behavior, marked by a surge in total phishing attack volume. These attacks are fueled by high-scale automation and a coordinated multi-channel siege targeting corporate collaboration tools. Trusted platforms such as email, Teams, calendars and others are in the cross-hairs, bypassing traditional phishing methods that have worked in the past.
This segment is sponsored by KnowBe4. Visit https://securityweekly.com/knowbe4rsac to learn more about them!
AI is Now Default Enterprise Accelerator
The Zscaler ThreatLabz 2026 AI Security Report reveals that enterprise AI adoption has surged by up to 93% year-over-year, yet 100% of tested AI environments remain vulnerable to breaches that can occur in as little as 16 minutes. It highlights a dangerous shift toward "machine-speed" threats, where attackers use generative AI to automate data exfiltration and create sophisticated deepfakes. To combat these risks, the report urges organizations to move beyond simple blocking and instead implement a Zero Trust architecture for safe, AI-native data protection.
This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscalerrsac to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-458

Interview with Daniel dos Santos: Post-Quantum Cryptography and the Risks No One Is Talking About
Post-quantum cryptography (PQC) is quickly shifting from theory to inevitability. In this segment, Daniel dos Santos, VP of Research at Forescout, explains why PQC isn't the most immediate threat today—but still demands early attention as standards solidify and timelines accelerate.
The discussion highlights overlooked risks beyond encrypted traffic, including digital signatures, firmware integrity, and blockchain systems. Daniel also emphasizes the real challenge: migration. While client-side adoption is already underway, organizations face major hurdles identifying and upgrading servers, legacy systems, and unmanaged assets like IoT and OT.
The bottom line: PQC migration is unavoidable. Starting early—especially with crypto inventory and planning—will make the transition far less painful.
RSAC Interview: Multi-Channel Impersonation: Why Legacy Controls Are Failing
As social engineering expands past just email to include text messages, chat apps, social platforms, and live video calls, traditional point solutions are struggling to keep up. In this segment, Bobby Ford explains how AI-powered impersonation and deepfake-enabled campaigns are exposing critical gaps in legacy defenses, and why organizations must evolve toward a unified social engineering defense platform that connects Digital Risk Management and Human Risk Management. He'll outline what modern security programs need: real-time cross-channel visibility, behavior-driven detection, and strategies designed around how people actually communicate and make decisions today.
Visit https://securityweekly.com/doppelrsac to learn how Doppel helps organizations defend against AI-powered impersonation, phishing, and multi-channel social engineering threats with a modern Human Risk Management approach.
RSAC Interview: OT: Segmented Today, Breached Tomorrow
As the worlds of IT and OT converge, traditional network segmentation falls short, exposing risks in the critical environments that keep energy flowing and shelves stocked. Conventional security tools fail to identify these gaps, with serious repercussions for operators. At runZero, we empower defenders to win by default through comprehensive discovery, rapid detection of critical exposures, and unique segmentation analysis that does not depend on span ports, credentials, or on-device agents. runZero provides real-time insights into even the most sensitive environments — quickly, safely, and securely.
This segment is sponsored by runZero. Visit https://securityweekly.com/runzerorsac to learn more about them!
RSAC Interview: Securing the Next Billion Users: Why the Browser is the Front Line for Agentic AI
The enterprise is facing a fundamental shift: the next billion knowledge workers will not be human, they will be AI agents. While these agents offer exponential productivity, they operate at machine speed without human guardrails like MFA or skepticism, creating a massive security blind spot. Ramin Farassat discusses the "Agentic Paradox" and how a new approach to browser security is required to provide architectural immunity for the modern, hybrid workforce of both humans and agents.
Learn more about how Menlo Security protects both humans and agents at https://securityweekly.com/menlorsac.
RSAC Interview: The Threat Curve Has Reset: Why AI Made "Solved" Attacks Dangerous Again
AI hasn't just evolved cyberattacks—it has reset the threat curve entirely. New research shows that even "solved" problems like phishing and business email compromise are immature and dangerous again, with attackers using AI and autonomous agents to launch hyper-personalized, multi-channel attacks at scale. This session explores what Phishing 3.0 really means for security leaders—and why defending trust now requires a fundamentally new approach.
This segment is sponsored by IRONSCALES. Visit https://securityweekly.com/IRONSCALESrsac to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-457