The ITSPmagazine Podcast

⬥EPISODE NOTES⬥ Sean Martin had barely finished his coffee when two separate conversations with CISOs at RSAC 2026 landed the same way: security is not how the business grows, it is how the business stays out of trouble. Compliance drives the tooling. The security team does its job. The business does its job. And the two rarely meet in the middle. That observation kicked off a quick but pointed exchange with Marco Ciappelli on the floor at RSAC, one that quickly moved from the conference center to the broader question of culture. Not just inside organizations -- but out in the world, where most people installing iPhone updates are skipping the security patch and tapping the music app feature instead. Sean has been making this argument for years -- his original show was called The Business of Security for a reason -- and Marco brings the branding and societal lens to the same problem. What happens when businesses treat security as a cost center rather than a brand asset? Apple made privacy a selling point. Most of the industry has not. And if the companies building and deploying security do not close that gap, the consumers and executives who should care never will. The conversation ends with Sean hinting at a second idea brewing -- something sparked by a photograph of a bow and arrow on the streets of San Francisco. That one comes later. ⬥HOSTS⬥ Sean Martin, CISSP -- Co-Founder, ITSPmagazine & Studio C60 | Host, Redefining CyberSecurity Podcast & Music Evolves Podcast | https://www.seanmartin.com/ Marco Ciappelli -- Co-Founder, ITSPmagazine & Studio C60 | Host, An Analog Brain In A Digital Age Podcast | https://www.marcociappelli.com/ ⬥RESOURCES⬥ RSAC 2026 | April 28 - May 1, 2026 | Moscone Center, San Francisco -- Follow our coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ An Analog Brain In A Digital Age Newsletter | https://www.linkedin.com/newsletters/7079849705156870144/ On Location | https://www.itspmagazine.com/on-location ⬥KEYWORDS⬥ sean martin, marco ciappelli, rsac 2026, rsa conference, cybersecurity business value, security culture, ciso priorities, compliance-driven security, security roi, brand and security, consumer security behavior, ai and security, security as business enabler, itspmagazine, on location Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The security industry has spent years debating which tools to buy. Impetum is asking a different question: are the tools you already have actually working? Founded by incident responders who saw the same failures across hundreds of breaches, Impetum built the Persistent Purple Team platform to simulate advanced threat actors inside customer environments on a continuous monthly basis -- not as a one-time engagement, but as an ongoing relationship built around real data, custom TTPs, and a measurable Threat Resilience Score. Matt Stewart and Alex Grohmann spoke with Sean Martin and Marco Ciappelli at RSAC Conference 2026 about what they are hearing on the show floor: agentic AI is accelerating the speed of compromise and exposing vulnerabilities in legacy systems that have been dormant for decades. Against that backdrop, the value of knowing -- not assuming -- that your detection and response capabilities hold up becomes critical. The platform builds that knowledge through live-fire exercises using an organization's own data, validating patch management, XDR, SIEM tuning, and post-compromise detection in a way no annual pen test can. The conversation also touched on the structural talent problem agentic AI is creating inside SOCs. As AI fills the level one analyst role, the pipeline for developing level two analysts and incident responders is narrowing. Impetum sees persistent purple teaming as the training ground that closes that gap -- giving existing teams the repeated, realistic practice they need to respond with confidence when an actual breach begins. Impetum targets mid-size organizations that have the right security tools but lack the budget, bandwidth, and access to industry events to keep those tools continuously validated against evolving attack paths. For those teams, the platform delivers something an annual report cannot: a documented, ongoing record of what works, what does not, and where the program is heading. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Matt Stewart, Co-Founder, Impetum Alex Grohmann, Co-Founder, Impetum LinkedIn: https://www.linkedin.com/in/alexandergrohmann/ RESOURCES Impetum / Persistent Purple Team: https://www.persistentpurpleteam.com ITSPmagazine RSAC Conference 2026 coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Matt Stewart, Alex Grohmann, Impetum, Persistent Purple Team, Remedium Security, Sean Martin, RSAC Conference 2026, brand spotlight, brand story, brand marketing, marketing podcast, purple teaming, continuous security validation, threat resilience, CISO, security operations, SOC, red team, blue team, incident response, agentic AI, MITRE ATT&CK, penetration testing, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Arkose Labs sits at the intersection of bot management, fraud prevention, and identity protection -- working with the world's largest consumer-facing brands to make fraud unprofitable. Frank Teruel walks through how the threat landscape shifted from nation-state actors and organized crime to fully democratized crime-as-a-service platforms, where MFA bypass kits are sold online and multi-billion dollar fraud operations run with the efficiency of a product company. The conversation covers three of the biggest attack categories hitting organizations today: SMS toll fraud, bonus abuse, and fake account registrations. Each one exploits legitimate business flows -- onboarding, loyalty programs, referral bonuses -- and often goes entirely undetected by security teams because the attackers never trigger a traditional alert. In one example, a rideshare company's cell bill climbed by millions before anyone connected it to a fraud campaign. With agentic AI now in the mix, the attribution problem has become exponentially harder. Is that agent booking a hotel room a legitimate user action or the opening move of an account takeover? Arkose Labs places its defenses at the very top of the funnel -- registration and login flows -- combining risk scoring, challenge technology, a 24/7 SOC, and a dark web intelligence program called ACTOR. When a novel attack technique surfaces in gaming, Arkose Labs writes a global mitigation; when that same technique hits banking two days later, the defense is already deployed. Frank Teruel closes with a direct message to CISOs: 75% of organizations surveyed cannot perform attribution, and 97% expect a major AI-driven incident within the next 12 months. The signal to watch for is not always in the security stack -- it shows up in rising SMS bills, unusual account-linking activity, and transaction abandonment rates that do not match marketing spend. The answer is internal fusion: security, fraud, finance, and operations sharing data before the incident, not after. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Frank Teruel, Chief Operating Officer, Arkose Labshttps://www.linkedin.com/in/frankteruel/ RESOURCES Arkose Labs: https://www.arkoselabs.com RSAC Conference 2026: https://www.rsaconference.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Frank Teruel, Arkose Labs, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, fraud prevention, bot management, account security, SMS toll fraud, agentic AI, fraud deterrence, identity protection, crime as a service, RSAC Conference 2026, CISO, account takeover, fake account registration, bonus abuse, loyalty fraud, federated threat intelligence Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At RSAC Conference 2026, the floor at Moscone Center was buzzing with talk of AI -- but underneath the excitement, a sharper question was forming: are enterprises actually ready to secure the AI systems they are rushing to deploy? Ed Wright, VP of Product Marketing at Menlo Security, joined Sean Martin on-site to dig into exactly that question. With 85 percent of knowledge workers now operating primarily through a browser, Menlo Security has spent 13 years building the infrastructure to protect that surface -- and the threat landscape has just taken a significant turn. The traditional browser threat model centers on humans: phishing links, malicious downloads, social engineering, deepfake video scams. Enterprises have spent billions on SSE stacks and endpoint protection stacks. Yet attacks continue to multiply. What Menlo Security is now tracking is a second threat model layered on top -- one designed specifically for AI agents. Agents use browsers to acquire data and complete tasks, often spinning up hundreds or thousands of headless browser sessions outside the enterprise perimeter, invisible to network security tools that only monitor the wire. The threat profile for agents is distinct. Where a human might miss a suspicious link, an agent reads white-on-white text and zero-font-size characters embedded in web pages -- classic prompt injection techniques. Agents are maniacally focused on task completion and do not naturally separate instructions from data. A co-opted agent, redirected through hidden instructions, will pursue its new goal with the same single-mindedness as its original one. Ed Wright notes that the top concern among CISOs at the RSAC Conference CISO bootcamp -- confirmed by a live audience poll -- is data exfiltration from agents: an agent accessing files, scraping internal pages, passing data to external LLMs, and moving sensitive information outside the organization. Menlo Security's response is a unified browser security platform that applies a single policy framework to both human and agentic workloads. The platform is built on four pillars: threat prevention including zero-day protection, secure application access, data security through AI Adaptive DLP, and file security. AI Adaptive DLP is the capability Ed Wright emphasizes most -- it functions as a combination of DLP and DSPM, discovering and classifying sensitive data across the organization and masking it in real time rather than blocking access. When traditional DLP blocks a human, they call IT. When it blocks an agent, the workflow silently fails. AI Adaptive DLP eliminates that failure mode entirely, keeping workflows uninterrupted while sensitive data stays protected at the source. The unification argument cuts through a crowded point-solution market. Rather than deploying separate tools for prompt injection, file security, and application access, Menlo Security delivers a single layer of visibility and observability across the entire workforce. Single policies. Single set of capabilities. No stitching together of forensic data from disconnected systems. Ed Wright points to a Fortune 500 customer that deployed 20,000-plus agents in a short window after a board mandate -- and quickly realized they had no security guardrails in place for browser-based agentic activity. The emergency call to Menlo Security was not the first of its kind, and it will not be the last. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Ed Wright, VP of Product Marketing, Menlo Security LinkedIn: https://www.linkedin.com/in/edwardwright1/ RESOURCES Menlo Security: https://www.menlosecurity.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Ed Wright, Menlo Security, Sean Martin, browser security, agentic AI security, AI agents, headless browsers, prompt injection, data exfiltration, AI Adaptive DLP, DSPM, zero-day threats, enterprise browser, SSE, RSAC Conference 2026, brand spotlight, brand story, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Most enterprise authentication today is still built on passwords or one-time codes -- and neither is phishing-resistant. Alexander Summerer explains that fraud remains the core challenge: attackers intercept credentials in the online channel, and users are burdened with complex password policies that slow them down without making them safer. Swissbit's answer is the iShield Key, a FIDO2-based hardware security key that is plug and play. No passwords to remember, no codes to intercept, and no chance for a phishing attack to succeed. What sets Swissbit apart at RSAC Conference 2026 is convergence. The same iShield Key that authenticates a user at their workstation can also open a door. Tap it on an HID reader in a healthcare facility, a university, or a manufacturing plant, and access is granted -- physical and digital, in one device. Swissbit is the only vendor on the market today offering this combination, with HID Seos support now available and a global partner network ready to deploy at scale. The forward story is post-quantum cryptography. Alexander Summerer notes that quantum computing poses a real and coming threat to standard authentication algorithms. Swissbit is already previewing a PQC evaluation platform at booth 6565 -- a device that runs a post-quantum chip alongside the traditional chip. Organizations can upgrade to PQC-protected authentication with the same hardware, keeping legacy use cases running without disruption. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Alexander Summerer, Head of Authentication, Swissbit LinkedIn: https://www.linkedin.com/in/alexander-summerer RESOURCES Swissbit: https://www.swissbit.com iShield Key product page: https://www.swissbit.com/en/products/security-products/ishield-key/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Alexander Summerer, Swissbit, Sean Martin, RSAC Conference 2026, hardware security key, FIDO2, phishing-resistant authentication, passwordless authentication, physical access control, post-quantum cryptography, PQC, iShield Key, HID Seos, enterprise authentication, zero trust, brand story, brand marketing, marketing podcast, brand highlight Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Most organizations are not cloud-only and, according to Thyaga Vasudevan, EVP, Product at Skyhigh Security, they are unlikely to become cloud-only anytime soon. Legacy on-prem applications, new AI workloads kept inside the firewall, and the growing cost of routing all enterprise traffic through a cloud proxy are pushing organizations toward a hybrid security architecture -- one that needs to enforce consistent policy regardless of where the traffic goes or where the data lives. Skyhigh Security announced three major innovations at RSAC Conference 2026: a next-generation SSE hybrid platform with a single console managing on-prem and cloud enforcement under one policy construct; a patent-pending browser security capability that injects JavaScript controls dynamically into existing browser sessions without requiring a dedicated enterprise browser; and the general availability of its DSPM platform, which uniquely provides visibility into both data at rest and data in motion by combining proxy-layer inspection with posture management. The browser has quietly become the most important enforcement point in the enterprise. As AI tools like Microsoft Copilot operate through web socket connections that cannot be intercepted at the server level, security controls have to reach inside the browser session itself. Vasudevan describes a seamless approach: because Skyhigh Security already sees the traffic flowing through its SSE cloud, it can inject controls at the browser layer without asking employees to change the tools they use. Data sovereignty is no longer a compliance footnote -- it is an architectural driver. Vasudevan walked through a global manufacturer operating simultaneously in Europe, the United States, and China. Each region carries different regulatory constraints, different trust postures for cloud infrastructure, and different performance requirements. Skyhigh Security's hybrid platform handles all three scenarios under the same management framework and the same policy construct. The customer chooses where enforcement happens -- on-prem, cloud, or hybrid -- without rebuilding their security architecture. On AI agents, Vasudevan describes the evolution clearly: 2022 was about protecting data flowing into generative AI tools; 2025 became about protecting the actions of the agents themselves. Skyhigh Security positions itself as a proxy between agent traffic and the systems agents interact with -- whether MCP servers or SaaS applications -- monitoring what goes in and what comes out in real time. DSPM provides the baseline: know where sensitive data is and what risk it carries before any agent is given access to it. That distinction between sensitivity and risk is what allows organizations to make smart, dynamic decisions rather than blanket restrictions. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Thyaga Vasudevan, EVP, Product, Skyhigh Securityhttps://www.linkedin.com/in/thyaga12/ RESOURCES Skyhigh Security: https://www.skyhighsecurity.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Thyaga Vasudevan, Skyhigh Security, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, hybrid security, SSE, Security Service Edge, DSPM, data security posture management, zero trust, browser security, data sovereignty, AI agents, agentic AI, cloud security, RSAC Conference 2026, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In the middle of a major incident, security teams face a brutal paradox: the faster things move, the harder it becomes to capture what's actually happening. Cydarm Technologies was built to solve exactly that. Vaughan Shanks, Co-Founder and CEO, describes the platform as a system of record for the SOC -- a purpose-built case management tool that captures who knew what, when, and why, in real time, throughout the lifecycle of an incident. Most of Cydarm's customers sit in government, defense, and critical infrastructure -- organizations where the pressure of regulatory compliance, legal accountability, and board-level reporting is highest. But the value extends well beyond compliance. Shanks draws a direct line from his time in Australian federal government to the philosophy behind Cydarm: good record keeping is good governance. When a capital-I incident is declared, legal, HR, communications, the C-Suite, and the board all need a view in. Cydarm's fine-grained, attribute-based access control makes it possible to give each stakeholder exactly the access they need -- and no more. What sets Cydarm apart from the ticketing systems most teams already have? Shanks puts it plainly: ITSM was built for IT service management, not adversarial cyber threats. The volume, velocity, and variety of SecOps are simply different. Cydarm is designed to feel more like WhatsApp and less like ITSM -- rich data format support, Easy Connect integrations, and a collaborative experience built specifically for high-frequency security operations. Teams that have built workarounds in existing tools know the maintenance burden that comes with it. Cydarm eliminates that mess. The post-incident dimension is where the system of record pays compounding dividends. Shanks outlines three paths: individual incident reports with adjustable significance levels for different audiences; longitudinal metrics capture that reveals the threat environment your controls aren't blocking; and resource justification data that gives security leaders the evidence to defend headcount and budgets. One customer -- a security leader at a major household brand -- had never experienced a breach, and had long struggled to justify the size of their team. With Cydarm's metrics, they finally had the data to make the argument. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Vaughan Shanks, Co-Founder and CEO, Cydarm Technologieshttps://www.linkedin.com/in/vaughan-shanks/ RESOURCES Cydarm Technologies: https://www.cydarm.com KEYWORDS Vaughan Shanks, Cydarm Technologies, Sean Martin, brand spotlight, brand story, brand marketing, marketing podcast, cyber incident response, SOC case management, security operations, incident management platform, system of record, RSAC Conference 2026, NIST incident response, playbook management, SecOps, ITSM alternatives, post-incident review, threat metrics, CISO accountability Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

A decade ago, Kevin Gosschalk was talking CAPTCHAs and bot mitigation with Marco Ciappelli at a security conference. Today, at RSAC Conference 2026, the conversation has shifted to agentic AI -- autonomous systems that browse, click, and transact on behalf of users. For Gosschalk, the Founder and CEO of Arkose Labs, the technology has changed but the challenge is familiar: how do you tell the difference between a legitimate automated actor and a malicious one? Gosschalk explains that the vast majority of agentic traffic today is not self-identifying. Rather than announcing themselves as AI agents, these systems impersonate real Chrome browsers on Mac OS -- choosing configurations with stronger privacy features to evade fingerprinting. There are two technical categories to contend with: headless browsers running in the cloud, which can be caught through device spoofing checks, and on-device agents that control a real browser instance, which require a deeper look at behavioral patterns and intent signals. Arkose Labs builds intent models around payment fraud, fake account creation, and account compromise to distinguish the good agents from the bad. The economic framing Gosschalk brings to this conversation is striking. He describes SMS toll fraud -- where bad actors acquire millions of premium phone numbers and trigger OTP messages from victim companies, earning three to six cents per message while costing those companies tens of millions of dollars annually. He walks through micro deposit fraud targeting fintechs. His core thesis: fraud is an economic activity, and the best defense is making attacks more expensive than they are worth. Arkose Labs builds challenge mechanisms designed to raise that cost through novel stimuli that ML models have not been trained to solve -- presenting something genuinely new forces a brute-force approach that is less effective than purpose-built attacks. The platform's consortium model is a key differentiator. Arkose Labs protects large enterprises including Expedia and Meta, and when an attack signature appears on one customer but nowhere else in the network, its uniqueness is itself a strong fraud signal. Customers can also feed labeled outcome data back into the system -- if something slips through and later proves malicious, that label sharpens the model for the entire consortium. Gosschalk is equally clear about the opportunity side of agentic AI. Blocking all automated traffic is no longer viable -- legitimate agentic commerce is coming, where consumers will delegate shopping, comparison, and purchasing to AI assistants. The future is not blanket blocking but granular, policy-driven enforcement: letting each customer define what kinds of agentic behavior they want to permit on their platforms. Integration is accessible -- a basic JavaScript deployment for web, SDKs for mobile, and extended support for IoT devices and CDN integrations. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Kevin Gosschalk, Founder and CEO, Arkose Labs LinkedIn: https://www.linkedin.com/in/kgosschalk/ RESOURCES Arkose Labs: https://www.arkoselabs.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Kevin Gosschalk, Arkose Labs, Sean Martin, Marco Ciappelli, brand story, brand marketing, marketing podcast, brand spotlight, agentic AI, bot detection, bot mitigation, fraud prevention, SMS toll fraud, micro deposit fraud, behavioral biometrics, intent detection, CAPTCHA, account takeover, synthetic identity, RSAC Conference 2026, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The cybersecurity industry is good at finding problems. What it has struggled with -- for decades -- is fixing them. Sunil Gottumukkala, CEO and Co-Founder of Averlon, calls this the exposure window: the gap between when a vulnerability is discovered and when it is actually resolved. That gap is where real risk lives, and closing it is the founding mission of Averlon. Speaking on location at RSAC Conference 2026, Gottumukkala draws on his experience as a security executive at Salesforce to explain why even the most well-resourced teams fall behind. More code, more acquisitions, and more attack surface means more findings -- but the capacity to remediate does not scale at the same rate. The answer, he argues, is not more people. It is better systems. Averlon approaches the problem by ingesting findings from across a customer's security stack, applying AI-driven analysis to determine what is actually exploitable in that specific environment, and eliminating noise. From there, rather than generating a ticket, the platform generates a fix -- actual code changes for application vulnerabilities, or compensating controls for situations requiring more time. The goal is not to manage vulnerabilities. It is to eliminate them. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Sunil Gottumukkala, CEO & Co-Founder, Averlonhttps://www.linkedin.com/in/sunilgottumukkala/ RESOURCES Averlon: https://www.averlon.ai Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Sunil Gottumukkala, Averlon, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, vulnerability remediation, remediation operations, exposure window, cloud security, agentic AI, CVSS, vulnerability management, RSAC Conference 2026, RSAC 2026, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Security teams have more data than ever -- and less confidence in it. Angelos Kottas, VP of Product and Corporate Marketing at Axonius, opens by sharing a striking finding from the Axonius Actionability Report: 55% of CISOs still run their environments off spreadsheets, and fewer than 20% have daily updates to their asset data. The result is a gap between what organizations think they know and what is actually happening across their digital real estate. Axonius was founded in 2017 after its co-founders witnessed a Fortune 100 retailer go into crisis during a live security incident -- unable to identify which assets were impacted or who owned them. That founding story still frames the company's mission: give security teams a comprehensive, enriched, and current view of every asset so they can stop flying blind. But Kottas argues that visibility alone is no longer the goal. Axonius launched its exposure management product at RSAC Conference 2025 -- its most successful product launch to date -- and the message from customers is consistent: what used to take weeks now takes hours or minutes. The platform now enables teams to move from discovery to coverage gap analysis to prioritized remediation, all in one place. The business case is real. Texas A&M University used Axonius to gamify risk reduction across its decentralized schools and divisions, turning remediation into a leaderboard and dramatically accelerating time to closure. An entertainment company customer used Axonius during the 2024 CrowdStrike Blue Screen of Death incident to scope its impact and build a remediation plan in minutes -- delaying operations by just five minutes, while others faced days of disruption. Kottas also addresses the AI question head-on. He frames it as AI squared: the foundation for artificial intelligence is asset intelligence. Agentic AI and autonomous SOC workflows are only as reliable as the data underneath them. Conflicting endpoint counts across EDR, CMDB, and other tools produce dirty data that undermines AI trust. Axonius solves this by delivering a deduplicated, enriched asset graph with business context layered in -- so AI systems can make recommendations organizations can actually act on. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Angelos Kottas, VP of Product and Corporate Marketing, Axonius LinkedIn: https://www.linkedin.com/in/amkottas/ RESOURCES Axonius website: https://www.axonius.com Axonius Actionability Report: https://www.axonius.com (available on the Axonius website) Adapt 2026 (annual customer conference, April 15, New York City): https://www.axonius.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Angelos Kottas, Axonius, Sean Martin, asset intelligence, exposure management, cyber asset attack surface management, CAASM, vulnerability management, actionability, CISO visibility, AI in cybersecurity, agentic AI, asset discovery, coverage gap analysis, incident response, RSAC Conference 2026, brand spotlight, brand story, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Security teams have always struggled with the gap between finding vulnerabilities and fixing the right ones. DeCloss built PlexTrac after seeing that gap firsthand as a penetration tester -- watching critical findings disappear into static PDFs and manual spreadsheets with no real tracking, no accountability, and no way to demonstrate improvement. The platform was designed from the ground up to close that loop. The conversation gets specific about what contextual risk scoring actually means. A CVE rated 10.0 in the National Vulnerability Database may be irrelevant to a given organization; a lower-severity finding may be critical given the systems that organization actually runs. PlexTrac's newly launched MCP server correlates vulnerability data against real-world environmental context, making that distinction automated and actionable -- not something an analyst has to puzzle out manually every time. DeCloss walks through what the before state looks like for most teams: an annual pentest PDF, weekly scanner output, no unified view, and spreadsheet-based assignment that makes it nearly impossible to track who is working on what or whether anything is actually getting resolved. PlexTrac replaces that with a normalized, integrated platform that connects to Jira, ServiceNow, and Azure DevOps -- keeping workflows intact while adding the visibility that was always missing. On AI's role in the industry, DeCloss is measured but direct. AI is a force multiplier, not a job eliminator. Security has always operated with a talent shortage, and automation fills that gap. But AI also expands the attack surface -- and organizations that adopt it without a security framework create new exposure. The human in the loop, with real subject matter expertise, remains essential. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Daniel DeCloss, Founder & CTO, PlexTrachttps://www.linkedin.com/in/ddecloss/ RESOURCES PlexTrac: https://plextrac.com KEYWORDS Daniel DeCloss, PlexTrac, Sean Martin, vulnerability management, penetration testing, pentest reporting, risk prioritization, CVE scoring, MCP server, AI in cybersecurity, blue team, remediation tracking, CTEM, continuous threat exposure management, RSAC Conference 2026, brand spotlight, brand marketing, marketing podcast, brand story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At RSAC Conference 2026, Eric Herzog, Chief Marketing Officer of Infinidat, sat down with Sean Martin for a booth-side Brand Highlight that reframes a familiar blind spot. Infinidat is a high-end enterprise storage company serving global Fortune 500 organizations and mid-range managed service providers -- and Herzog argues that leaving storage out of a corporate cybersecurity strategy means leaving the largest concentration of enterprise data exposed. Infinidat embeds cybersecurity directly into its storage platform through InfiniSafe, a software suite that has earned recognition from both storage and cybersecurity analysts. The centerpiece of the offering is a written guarantee: any dataset, regardless of size, will be recovered in one minute or less. Herzog explains that this is backed by immutable snapshots that cannot be altered or deleted, a management plane separated from the data plane, and AI/ML-powered scanning through InfiniSafe Cyber Detection that validates a snapshot is clean before it is restored. The goal is a "known good copy" -- a forensically clean snapshot that can be brought back with confidence. Herzog notes that security teams often focus on confidentiality and availability while underweighting integrity. Infinidat's approach addresses all three: snapshots are verified clean, recovery is fast, and the process is demonstrable in live proof-of-concept environments. At the beginning of April 2026, Infinidat recovered six petabytes in three seconds in a live demo. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Eric Herzog, Chief Marketing Officer, Infinidat LinkedIn: https://www.linkedin.com/in/erherzog RESOURCES Infinidat Website: https://www.infinidat.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Eric Herzog, Infinidat, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, enterprise storage, cybersecurity, ransomware recovery, data protection, InfiniSafe, immutable snapshots, cyber resilience, RSAC Conference 2026, next generation data protection, MSP security, storage security Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Most organizations are not waiting for permission to deploy AI agents -- they are already in production, often without a clear picture of what those agents can access or who is accountable for them. Token Security was built specifically for this moment, and being named an RSAC Conference Innovation Sandbox finalist is confirmation that the market is catching up to the problem the company has been solving since 2023. Itamar Apelblat, co-founder and CEO, and Ido Shlomo, co-founder and CTO, came out of Israel's elite intelligence unit 8200 -- Apelblat from the defensive security side and Shlomo from offensive cyber operations. That shared background, and 17 years of partnership, shapes how Token Security approaches a problem that most identity vendors have not yet reckoned with: AI agents are not humans, and they are not standard machine identities either. The core concept is intent-based access management. Rather than looking at an agent's historical behavior and extending permissions based on the past, Token Security asks: what is this agent supposed to do? What is its purpose? Restrictions are then built around that intent. As Apelblat explains, agents are non-deterministic -- they will pursue a goal through whatever path is available, including ones you did not anticipate or want. Locking down access based on intent rather than history is the only approach that holds. Shlomo adds a dimension that makes the risk concrete: an AI agent forgets everything between sessions. Every interaction starts fresh. That means it does not remember a previous attack attempt. A sophisticated adversary who manipulates an agent today can try the exact same technique tomorrow. Combine that with the agent's relentless drive to satisfy its directive -- even to the point of deleting data or modifying infrastructure if that is what it takes -- and the case for an isolated, intent-scoped perimeter becomes clear. The customer journey at Token Security almost always begins after deployment. Organizations arrive saying, in effect: we think we have agents out there, can you help us find them? Visibility comes first -- discovering what agents exist, understanding their usage, mapping ownership, managing lifecycle. Policy enforcement comes after. Critically, Token Security achieves this without sitting as an inline broker. The platform connects to both the agent platforms and the business applications those agents reach, creating enforcement at both ends without introducing friction into developer workflows. Apelblat frames the architecture in terms of micro agents: purpose-specific, narrowly scoped, each with a well-defined role. Not one agent doing everything -- thousands of focused agents, each constrained to exactly what it needs. Shlomo puts the business case plainly: an agent with properly managed identity is not a chatbot, it is a member of a digital workforce. Get identity right, and the productivity multiplier is enormous. Get it wrong, and a single compromised agent can cascade across every connected system it touches. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUESTS Itamar Apelblat, Co-Founder & CEO, Token Securityhttps://www.linkedin.com/in/itamar-apelblat/ Ido Shlomo, Co-Founder & CTO, Token Securityhttps://il.linkedin.com/in/ido--shlomo RESOURCES Token Security website: https://www.token.security/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Itamar Apelblat, Ido Shlomo, Token Security, Sean Martin, Marco Ciappelli, brand spotlight, brand marketing, marketing podcast, brand story, AI agent security, AI agent identity, non-human identity, NHI security, intent-based access management, privileged access management, zero trust, RSAC Conference 2026, Innovation Sandbox, identity lifecycle management, agentic AI security, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Vijit Nair, VP of Product Management at Corelight, joins Sean Martin on the floor of RSAC Conference 2026 for a conversation about what it takes to move security operations from AI-assisted to AI-autonomous. Corelight is the fastest-growing company in the network detection and response (NDR) space, and Nair has spent six years helping build the platform from early network monitoring to its current position as a Gartner Magic Quadrant Leader. The company's open NDR platform transforms raw network traffic into high-fidelity, unopinionated evidence -- and that evidence is now powering the next leap: agentic triage. Corelight's newly launched Agentic Triage product moves beyond the "level one" AI assistant model -- where a system answers questions but takes no action -- to a "level two" agent that actually investigates and triages alerts. It identifies the riskiest entities in an environment, collects all associated context and data, runs a full investigation cycle, and delivers a verdict with full evidence attached. Nair calls it "bringing the receipts": analysts see not just the conclusion but every step of the reasoning. Early results show a 10x increase in investigation speed and 60-70% of alerts being automatically triaged. The network is having a resurgence as an essential visibility layer, and Nair explains why: attackers have adapted to EDR. Nation-state-style campaigns like Volt Typhoon and Salt Typhoon operate in the network layer, targeting unmanaged devices, routers, firewalls, and VPNs that endpoint tools cannot see. Corelight almost always finds something in the first 30 days of a pilot deployment -- from shadow IT and shadow VPNs to active red team attacks using tools like Sliver-based C2 frameworks. On the question of SOC adoption, Nair pushes back on the assumption that hesitation comes from the top. The hunger for AI-powered tools runs from CISOs all the way down to the analysts dealing with alert overload and understaffed teams. A recent customer put it simply: "This is amazing. Please don't take it away from me." Nair frames the path to full autonomy as a spectrum -- from human-controlled to fully agentic -- and draws the comparison to Waymo: the journey is measured and incremental, but the destination is inevitable. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Vijit Nair, VP of Product Management, Corelighthttps://www.linkedin.com/in/vijitn RESOURCES Corelight: https://corelight.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Vijit Nair, Corelight, Sean Martin, network detection and response, NDR, agentic triage, AI SOC, autonomous security operations, SOC automation, network security monitoring, threat detection, AI-powered security, RSAC Conference 2026, brand spotlight, brand story, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

ISACA has stepped into a defining role in the CMMC ecosystem, taking over as the CMMC Assessor and Instructor Certification Organization -- the CAICO -- for the U.S. Department of War's Cybersecurity Maturity Model Certification program. Recorded live at RSAC Conference 2026, this conversation with Todd Gagnon, the Director of the CAICO at ISACA, gets right to the heart of what that means for cybersecurity professionals, defense contractors, and anyone thinking about where their career intersects with the defense industrial base. The CMMC program exists to solve a persistent problem: too many companies doing business with the federal government had failed to properly implement required cybersecurity controls. Built around NIST 800-171's 110 security requirements, CMMC demands third-party, independent verification -- and that means a large, trained, credentialed assessor workforce. ISACA's role is to build and certify exactly that. Todd Gagnon walks through the two foundational credentials at the center of this effort: the CMMC Certified Professional (CCP) as the entry point, and the CMMC Certified Assessor (CCA) as the operational core. With roughly 800 credentialed professionals in the current ecosystem against a need measured in thousands, the stakes and the urgency are clear. What makes this conversation practically useful is the range of people it speaks to. Gagnon lays out who should be thinking about a CCP -- including professionals early in their careers and organizations that want internal staff who truly understand the CMMC framework, not just outside consultants. He explains the C3PAO model, how subcontractor compliance flows through the ecosystem, and why NIST 800-171 is a strong cybersecurity foundation regardless of whether an organization ever touches a government contract. The certification pathway is open to non-ISACA members, the CCP is designed to be accessible, and the knowledge transfers well beyond the federal contracting context. ISACA is also moving ahead of the curve: with NIST having released Revision 3 of 800-171, ISACA is already developing training content for the transition -- targeting late 2025 delivery so that a wave of Revision 3-ready professionals will be in place when the Department of War makes the regulatory shift. Todd Gagnon closes with a candid ask for patience as the April 1st transition from Cyber AB to ISACA takes effect, along with a clear statement of intent: the credentials issued under ISACA's watch should stand for something. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Todd Gagnon, Director, CMMC Assessor & Instructor Certification Organization (CAICO) at ISACA LinkedIn: https://www.linkedin.com/in/todd-gagnon-90b8a6264/ RESOURCES ISACA CMMC Certification Hub: https://www.isaca.org/cmmc ISACA Official Website: https://www.isaca.org KEYWORDS Todd Gagnon, ISACA, Sean Martin, Marco Ciappelli, CMMC, Cybersecurity Maturity Model Certification, CAICO, CCP, CCA, NIST 800-171, Defense Industrial Base, cybersecurity certification, DoD compliance, government contractors, brand spotlight, brand story, brand marketing, marketing podcast, RSAC Conference 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At RSAC Conference 2026, Sean Martin caught up with Rich Mogull at the Cloud Security Alliance booth for a candid conversation about where enterprise security programs stand -- and what it takes to keep pace with AI. Mogull, who joined CSA as Chief Analyst in October 2025, brings a practitioner's instinct to a research-first organization, and he arrived with a clear mandate: help organizations stop treating security frameworks as shelf documents and start treating them as operational tools. CSA operates across three pillars -- cloud, zero trust, and AI -- and Mogull is the first to acknowledge the identity tension that comes with that breadth. But his argument is consistent: each pillar represents a transformational technology that exposed the limits of existing security practices. "Our sweet spot is these transformational, disruptive technologies," he says. The same challenge that played out with cloud adoption is now repeating itself with AI, and CSA's job is to help security teams navigate it with research that is genuinely actionable. One of the most anticipated deliverables from Mogull's first year is the AI Security Maturity Model -- a structured framework that gives enterprise security programs a lens for assessing and improving their AI security posture. Modeled on CSA's Cloud Security Maturity Model (which Mogull also authored), it is built around measurable KPIs and designed to be as automatable as possible. After its first public draft drew over 600 comments from 60 international reviewers, Mogull is in the final stages of revision. The model covers governance, identity and access management, security monitoring, model security, AI infrastructure, agentic applications, MCP servers, and AI developer enablement -- a purpose-built lens for enterprise AI security programs, not a generic maturity template. Beyond the model itself, Mogull is building the operational infrastructure to help CSA members actually use it. The new Enterprise Membership program -- launched in March 2026 -- centers on the Operational Maturity Roadmap: a structured, year-long engagement where CSA analysts work directly with member organizations, providing monthly guidance, specific recommendations, and an annual progress report tied to measurable outcomes. The goal is to move CSA from research producer to implementation partner -- and to deliver the kind of decision support that scales beyond what any individual consultant can provide. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Rich Mogull, Chief Analyst, Cloud Security Alliance LinkedIn: https://www.linkedin.com/in/richmogull/ RESOURCES Cloud Security Alliance: https://cloudsecurityalliance.org CSA Enterprise Membership Program: https://cloudsecurityalliance.org/membership CSA AI Controls Matrix: https://cloudsecurityalliance.org/research/working-groups/ai-controls-matrix CSA Cloud Controls Matrix: https://cloudsecurityalliance.org/research/cloud-controls-matrix Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Rich Mogull, Cloud Security Alliance, CSA, Sean Martin, AI Security Maturity Model, cloud security, zero trust, AI security, enterprise security, security maturity model, RSAC Conference 2026, brand spotlight, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

On the RSAC Conference show floor, Tony Anscombe shared how ESET has expanded its threat intelligence offering with ECR reports -- designed to give commercial organizations both machine-readable feeds and human-readable analysis. The reason: threat actors are increasingly hard to attribute, they share tools, run coordinated campaigns, and reinvest profits into more sophisticated operations. Having someone do the research and surface actionable intelligence is no longer a luxury. Anscombe pointed to a telling campaign pattern from last year: threat actors refined attack methods against UK retailers, then rapidly adapted those same techniques against US retailers. The implication is clear -- your business may be unique in its infrastructure, but it is not unique in its sector. Understanding how your sector is being targeted is the foundation of a prevention-first posture. Automation came up as equally non-negotiable. If it takes three days to collect all the information needed to make a determination about an incident, the post-attack phase has already begun. ESET Inspect is designed to flip that equation: when an analyst opens an incident, the forensic analysis is done, the evidence is visualized, and the determination can be made on facts rather than gathered through investigation. Anscombe was careful to draw a line between automation as speed and automation as replacement. ESET's position is that AI should operate alongside human expertise -- trust and verify applies to AI-assisted analysis just as it does to any intelligence feed. Oversight remains essential, even as the tooling gets faster. A preview of upcoming survey data offered one of the more striking moments in the conversation. Roughly 35% of SMBs using MDR are sourcing that service directly from their cyber insurer. Anscombe flagged the monoculture risk: when a large share of businesses in the same sector run identical security stacks, a single point of failure becomes a sector-wide vulnerability. His advice after 30 years in the industry -- different organizations should deliberately choose different platforms to maintain diversity. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Tony Anscombe, Chief Security Evangelist, ESET LinkedIn: https://www.linkedin.com/in/tonyanscombe/ RESOURCES ESET: https://www.eset.com ESET Threat Intelligence: https://www.eset.com/int/business/services/threat-intelligence/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Tony Anscombe, ESET, Sean Martin, Marco Ciappelli, brand spotlight, brand marketing, marketing podcast, threat intelligence, cyber resilience, MDR, EDR, XDR, managed detection and response, SMB security, cybersecurity automation, RSAC Conference 2026, prevention-first security, cyber insurance, monoculture risk, ESET Inspect, APT research Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At RSAC Conference 2026, the expo floor runs on one word: AI. But Lisa Liu, Corporate Marketing and Communications Manager at Stellar Cyber, has been watching the confusion this creates in real time. Visitors at the Stellar Cyber booth are asking the same question: does AI in cybersecurity mean a tool that fights AI-powered attackers, a tool that is AI-based, or something else entirely? Lisa Liu's take is direct -- if your messaging can't answer that question, the noise is winning. Stellar Cyber has been building toward a human-augmented, autonomous SOC for years -- long before "agentic" became the conference password. The logic driving that mission is not about market positioning. It is about what happens when AI makes a mistake at scale. One error in judgment can echo a thousandfold. Human oversight is not a limitation on the platform -- it is the architecture. The goal is not to put a human on the sidelines as a safety check. The goal is to make every analyst perform at a higher level, so a junior analyst works at the capability of a senior analyst. Lisa Liu draws on the Waymo analogy familiar to anyone walking the streets of San Francisco this week: autonomous vehicles went from having a safety driver present to running solo. But when a power outage knocked out every Waymo unit simultaneously, the city needed humans to step in immediately. The same principle applies to security operations. Agentic AI is changing the analyst's role -- replacing alert fatigue and log chasing with higher-order problem solving -- but human involvement in the process is not going away. For SOC teams asking how to get there, Lisa Liu is clear: success is not a rip-and-replace project. Success is minimal personnel disruption and maximum operational efficiency -- repositioning existing tools to work smarter without exposing the organization to weeks of vulnerability during a rebuild. Stellar Cyber's platform integrates with existing SIEMs and tools, adds coverage across network, endpoint, identity, and cloud environments, and offers hundreds of pre-built integrations with more being added continuously. For managed security service providers serving clients across different industries and risk profiles, that kind of unified visibility is what makes the business model scale. The outcomes are specific. One Stellar Cyber customer reported that analysts were 83% more accurate in their threat environment analysis. Lisa Liu frames that number carefully: analysts are not measured by what they catch -- they are measured by what they miss. Any meaningful improvement in accuracy is not just a business metric. It changes how people feel about their work. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Lisa Liu, Corporate Marketing and Communications Manager, Stellar Cyberhttps://www.linkedin.com/in/lisaaliu/ RESOURCES Stellar Cyber: https://stellarcyber.ai Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Lisa Liu, Stellar Cyber, Sean Martin, RSAC Conference 2026, human-augmented SOC, autonomous SOC, AI-native security operations, Multi-Layer AI, MSSP security platform, SOC analyst efficiency, alert triage, agentic AI cybersecurity, brand spotlight, brand story, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Daniel Bardenstein, CEO and co-founder of Manifest Cyber, opens with a candid assessment: the fundamental problem hasn't changed since Log4Shell. Organizations still don't understand what's inside the software and AI they build and buy. A recent Manifest Cyber study found a 40-50% gap between how well CISOs believed their security posture was managed and how their own AppSec teams rated the reality. Traditional SCA tools bury analysts in alerts without enabling response. Third-party tools hand out letter grades without reflecting actual empirical risk. The result is what Bardenstein calls the illusion of transparency -- confidence in visibility that doesn't actually exist. The hidden sources of risk go deeper than most teams realize. C/C++ code underpins critical infrastructure across medical devices, automotive, defense, and financial services -- yet most scanning tools can't effectively analyze it. Third-party binaries carry serious risk that vendors rarely disclose. Open source libraries that haven't been updated in years represent quiet exposure. And AI adoption is adding a new layer of opacity: datasets of unknown provenance, open-weight models with untested risk profiles, and AI-embedded applications where organizations have no visibility into what models or agents are operating underneath. Bardenstein frames the path forward in three dimensions: rapid response when a new issue emerges, proactive inventory and monitoring of critical dependencies, and supply chain risk stopped at the procurement gate before it enters the enterprise. When customers demand SBOMs as a condition of doing business, vendors improve -- and those improvements flow to all their other customers as well. Manifest Cyber sees this market dynamic as one of the most powerful forces for making the software ecosystem more secure. The conversation also takes on accountability. Drawing on his time leading technology strategy at CISA, Bardenstein argues that the burden of transparency must fall on the people who write software, not those who buy and use it. The "transparency tax" -- the hidden cost of cheap or opaque technology -- only surfaces after something goes wrong, in the form of incident response, people-hours, and exposure. Compliance drivers like the EU Cyber Resilience Act are reinforcing this shift, but market pressure from major banks, pharmaceutical companies, and government is already moving faster than regulation. Manifest Cyber automates the hard work: generating SBOMs, analyzing binaries, surfacing risk in C/C++ and third-party dependencies, and enabling fast, owner-assigned remediation. One customer went from zero to generating SBOMs across their entire fleet in 90 seconds -- without touching a command line. The platform is built to keep engineer velocity high, surface risk in plain language for procurement and risk teams, and make supply chain security accessible to the entire organization, not just the AppSec team. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Daniel Bardenstein, CEO and Co-Founder, Manifest Cyber LinkedIn: https://www.linkedin.com/in/bardenstein/ RESOURCES Manifest Cyber: https://www.manifestcyber.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Daniel Bardenstein, Manifest Cyber, Sean Martin, Marco Ciappelli, brand spotlight, brand marketing, marketing podcast, software supply chain security, SBOM, Software Bill of Materials, AIBOM, AI supply chain, Log4Shell, software transparency, SCA tools, C/C++ security, open source risk, Secure by Design, EU Cyber Resilience Act, supply chain risk management, third-party risk, RSAC Conference 2026, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The security operations center is under pressure from every direction -- rising alert volumes, fragmented data environments, and a skills gap that no amount of hiring fully closes. At RSAC Conference 2026, Monzy Merza of Crogl sat down with Sean Martin and Marco Ciappelli to talk about what the AI-enabled SOC actually looks like when it is working at enterprise scale. Crogl recently published the State of the AI SOC report, a survey of more than 600 organizations. The headline finding: nearly 40% of alerts go completely unattended. Not triaged. Not escalated. Just missed. The report also found that a large share of respondents rank the security of an AI system above its raw capability -- trust before performance. Merza says the goal of the report was part data, part demystification, and part empathy building -- giving security leaders permission to recognize that everyone is dealing with the same problems. Crogl's knowledge engine is built on a foundational premise: data is fragmented in the enterprise, and that is not going to change. Rather than requiring data normalization before analysis, Crogl builds an enterprise semantic knowledge graph that maps relationships across data lakes, SIEMs, and SOAR platforms, wherever the data lives. Analysts no longer need to navigate schemas or query languages. Crogl handles the investigation and surfaces what matters. Merza describes two compressor effects his customers experience. A competency compressor allows any analyst to draw on multiple data lakes at once. A domain knowledge compressor lets Crogl work across alert types -- phishing, endpoint, and beyond -- rather than routing each to a specialist. The result is a team that operates well above its apparent headcount. One customer example: a CISA advisory that would take hours to manually parse can be uploaded into Crogl and assessed across the enterprise footprint -- IOC mapping and detection coverage -- in sub-hours. The same logic extends to compliance, where audit data calls that once required manual query-by-query execution can now be executed by Crogl against a full 500-query data call at once. On the jobs question, Merza takes a clear position: AI will create more security jobs, not fewer. Every new AI deployment is a new attack surface. Every new footprint needs to be defended. The repetitive tier-one work is going away -- but the volume of meaningful security work is expanding and the entry level is rising. The organizations getting ahead of this are already standing up AI review boards and putting security capability at the center of how they evaluate new AI tools. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Monzy Merza, Co-Founder and CEO, Crogl LinkedIn: https://www.linkedin.com/in/monzymerza RESOURCES State of the AI SOC Report (free download): https://www.crogl.com Crogl: https://www.crogl.com AI SOC Summit: https://aisocsummit.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Monzy Merza, Crogl, Sean Martin, Marco Ciappelli, brand spotlight, brand marketing, marketing podcast, brand story, AI SOC, security operations center, SOC automation, AI in cybersecurity, alert fatigue, security data lakes, SIEM integration, enterprise knowledge graph, threat intelligence, CISA advisory, Volt Typhoon, RSAC Conference 2026, RSAC 2026, cybersecurity AI, autonomous investigation, SOC analysts, security workforce, CISO strategy Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Hewlett Packard Enterprise has been rethinking what it means to secure an enterprise network -- and the answer they keep arriving at is that security cannot be an afterthought. At RSAC Conference 2026, Mounir Hahad, Head of HPE Threat Labs, sat down with Sean Martin to walk through what that philosophy looks like in practice and what two major announcements at the show mean for security teams. One of those announcements is the HPE AI firewall -- a solution built specifically for organizations trying to govern how employees use generative AI tools without shutting down innovation. Mounir Hahad frames the challenge directly: gen AI has doubled the attack surface, and organizations that fail to act risk both data leakage and a loss of confidence in the technology itself. The AI firewall starts with visibility -- showing which AI services employees are using, what data is moving where, and whether private information is leaking to external services -- and then gives administrators the tools to set and enforce policy. The second announcement is the formal launch of HPE Threat Labs, which brings together threat research capabilities from both Hewlett Packard Enterprise and the former Juniper Networks. The combined team covers both threat analysis and vulnerability analysis -- capabilities that were previously siloed. HPE Threat Labs has published its inaugural In the Wild threat report, drawing on telemetry, honeypots, and open-source intelligence to give CISOs and decision makers a clear view of how cybercrime has industrialized, why attacks are increasingly targeted, and why high-confidence alerts matter more than ever. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Mounir Hahad, Head of HPE Threat Labs, Hewlett Packard Enterprise LinkedIn: https://www.linkedin.com/in/mounirhahad/ RESOURCES HPE Threat Labs: https://www.hpe.com HPE Threat Labs 2026 In the Wild Threat Report: https://www.hpe.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Mounir Hahad, Hewlett Packard Enterprise, HPE, HPE Threat Labs, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, AI firewall, generative AI security, network security, threat intelligence, SASE, cybercrime, RSAC Conference 2026, threat research, enterprise security, AI governance, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At RSAC Conference 2026, Anthony Cusimano, Chief Evangelist and Director of Solutions Marketing at Object First, joins Sean Martin on the show floor to break down what separates truly immutable storage from the checkbox version. The answer comes down to zero access: no command line interface, no root access, no administrative back doors at any layer -- for customers or for Object First itself. Object First appliances are purpose-built for Veeam and ship with S3 protocol storage in automatic compliance mode, versioning, and object lock. Once data is written and a retention period is set, nothing -- no admin, no attacker, not even the vendor -- can touch it. Cusimano describes the architecture as a storage utility, not an administration platform: Veeam handles all backup policy and configuration; Object First handles one thing only, ensuring the data cannot be erased. The statistics behind the design are sobering. According to Cusimano, 96 percent of ransomware attacks specifically target backup data -- a figure validated across four independent industry surveys. Organizations that rely on encryption alone, without immutable storage, are leaving a critical gap that attackers have learned to exploit. Many do not discover that gap until recovery is already underway. Cusimano also makes the case for recovery testing as a security priority in its own right. He recommends full tabletop exercises that assume worst-case conditions: every admin credential compromised, active directory gone. Teams that run through this process discover gaps in their architecture that no amount of vendor documentation will surface. His practical tip -- collect coworkers' cell phone numbers before an incident -- reflects just how complete the communications blackout can be when directory services fail. Two capabilities from Object First round out the conversation. Fleet Manager, launching May 6th, gives managed service providers and large enterprises a single SaaS dashboard to manage all Object First instances with unified telemetry and honeypot visibility -- with no backup data leaving the appliance. And the honeypot feature, included on every device at no cost, simulates a Veeam backup and replication server as a decoy. When agentic AI-driven attacks probe the environment, they interact with the honeypot exactly as they would a real target, triggering alerts that can surface threats days or weeks before a full attack develops. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Anthony Cusimano, Chief Evangelist & Director of Solutions Marketing, Object First LinkedIn: https://www.linkedin.com/in/anthonycusimano89/ RESOURCES Object First website: https://objectfirst.com ITSPmagazine RSAC Conference 2026 coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Anthony Cusimano, Object First, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, ransomware, immutable storage, backup security, Veeam, data protection, RSAC Conference 2026, cyber resilience, absolute immutability, ransomware recovery, Fleet Manager, honeypot detection, managed service providers, zero trust storage Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At RSAC Conference 2026, the noise is relentless. Vendor booths, AI pitches, and breathless marketing compete for attention at every turn. Michael Parisi, Chief Growth Officer at Steel Patriot Partners, joins Sean Martin and Marco Ciappelli on the ground in San Francisco to name what too few are willing to say out loud: most of the conversation happening on the show floor does not reflect the conversations that actually matter. The real exchanges, Parisi says, are happening backstage -- in the hallways, over coffee, between practitioners who trust each other enough to ask: does this vendor actually do what they say? That shift back to peer-driven trust is not a trend. It is a correction. Security leaders are exhausted and fragile, operating under intense pressure, and they are returning to the relationships they know rather than the research tools and AI-generated answers they do not trust. Steel Patriot Partners was built around exactly that dynamic. Their operating principle -- business owners first, engineers second, compliance and security people third -- runs counter to how most consulting firms approach an engagement. Rather than leading with frameworks or certifications, the team starts by asking what outcome the client is actually trying to achieve. Parisi is candid about how often that conversation leads them to steer a client away from the path they came in convinced they needed. That willingness to say no -- and mean it -- is what sets a trusted advisor apart from a vendor. The outcome-first philosophy shapes every engagement. As founder Jason Ford says, 80% of what Steel Patriot Partners does is a therapy session. Organizations coming in with complex compliance challenges -- FedRAMP, CMMC, HITRUST, DoD IL -- need more than a checklist. They need a partner who has lived those journeys themselves, made the mistakes, and can speak honestly about what is worth pursuing and what is not. Parisi's advice to anyone evaluating a consulting partner is pointed: ask the question up and down the team, not just of the founder. The firms that have genuinely lived what they sell -- and can talk about the failures as clearly as the successes -- are the ones worth trusting when the stakes are high. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Michael Parisi, Chief Growth Officer, Steel Patriot Partners LinkedIn: https://www.linkedin.com/in/michael-parisi-4009b2261/ RESOURCES Steel Patriot Partners: https://www.steelpatriotpartners.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Michael Parisi, Steel Patriot Partners, Sean Martin, brand spotlight, brand story, brand marketing, marketing podcast, cybersecurity consulting, compliance advisory, FedRAMP, CMMC, HITRUST, DoD IL, trusted advisor, outcome-based consulting, vendor trust, cybersecurity noise, RSAC Conference 2026, security leadership, GRC, business risk, human in the loop Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At RSAC Conference 2026, Dr. Chris Pierson, Founder and CEO of BlackCloak, sat down with Sean Martin and Marco Ciappelli for a conversation that has become something of an annual tradition. What started in 2018 as a category BlackCloak largely invented -- digital executive protection -- has become one of the most pressing concerns in enterprise security. Adversaries have figured out that the easiest path into a company often runs straight through the personal lives of its leaders: the About Us page, the board listing, the family members visible on social media. BlackCloak was built to close that gap. BlackCloak announced at RSAC Conference 2026 the launch of its new travel advisory platform -- a tool designed to give executives and their families actionable, real-time intelligence when traveling domestically or internationally. Pierson explained that CISOs and CSOs are increasingly being asked questions that go well beyond network security: what are the crime trends in this city, what embassy contacts are needed, which areas should be avoided? The platform distills complex, fast-moving threat intelligence into concise briefings -- four or five pages, mobile-accessible, and built for the executive and the family members traveling alongside them. On the privacy side, BlackCloak introduced Search Suppression -- a new feature that goes further than data broker removal alone. Even after information is scrubbed from the major data broker sites, traces of personally identifiable information can persist across the open internet. Search Suppression identifies those instances and requests their removal from search engine results, shrinking the digital footprint that attackers use to build targeted OSINT profiles. And because the threat surface shifts as executives' children age and begin generating their own data trails, the platform monitors continuously -- not just at a single point in time. Pierson also addressed the deepfake threat head-on. BlackCloak re-released its Impersonation Protection feature with deeper capabilities specifically designed for this problem. Plugin-based detection tools for Teams or Zoom leave the most common attack vectors -- phone calls, text messages, WhatsApp, Signal -- completely unaddressed. Impersonation Protection allows members to push a quick identity-verification request through the BlackCloak app to anyone in their trusted circle, regardless of how the original communication arrived. If verification fails, alarm notifications fire to both the CISO and the BlackCloak team. In a world where high-quality deepfake audio and video can be synthesized from publicly available earnings call recordings and media appearances, slowing down to verify through a trusted channel is one of the most reliable defenses available. The conversation closed on the concept of trust -- a word Pierson returned to repeatedly. It is, he said, the reason people choose BlackCloak. The relationships the company builds with CISOs, CSOs, and the executives and families they protect require trust that is built carefully and maintained continuously. As BlackCloak scales, preserving that culture is something Pierson thinks about deeply. For a company whose entire business is built on protecting people in their most personal digital spaces, trust is not just a value. It is the product. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Dr. Chris Pierson, Founder and CEO, BlackCloakhttps://www.linkedin.com/in/drchristopherpierson/ RESOURCES BlackCloak official website: https://blackcloak.io BlackCloak Digital Executive Protection Platform: https://blackcloak.io/product/ Request a BlackCloak demo: https://blackcloak.io/executives/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Dr. Chris Pierson, BlackCloak, Sean Martin, Marco Ciappelli, brand story, brand marketing, marketing podcast, brand spotlight, digital executive protection, executive cybersecurity, personal cybersecurity, deepfake defense, impersonation protection, travel advisory security, search suppression, data broker removal, OSINT, executive privacy, RSAC Conference 2026, RSAC 2026, cybersecurity, privacy Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this episode from RSA Conference 2026, Marco Ciappelli sits down with Ben Halpert, founder of the non-profit organization Savvy Cyber Kids, to discuss the critical intersection of child development and technology. Since its founding in 2007, Savvy Cyber Kids has been on a mission to provide parents and educators with the tools needed to guide children through the digital world. Ben explains why introducing technology too early can be detrimental to a child’s emotional preparedness and brain development, and why adult-led guidance is essential even when kids seem like "tech experts". In this conversation, we explore: The Evolution of Threats: Moving from MySpace and CRT monitors to 24/7 access via mobile devices. Early Intervention: Why the "rhyme and picture book" approach works for children as young as three to teach concepts like online aliases and stranger safety. Safe AI for Kids: Introducing a new partnership with Chaperone, a platform featuring "homework mode" and parental controls to ensure AI is a tool for learning, not a shortcut for thinking. Going Global: How the organization has expanded internationally with materials translated into Spanish, German, French, and Hebrew. About Our Guest Ben Halpert is a cybersecurity veteran with over 25 years of experience and the founder of Savvy Cyber Kids. He is dedicated to helping parents navigate the "wild" of the internet with positive, developmentally appropriate programming. Resources Savvy Cyber Kids Website: savvycyberkids.org More RSAC 2026 Coverage: itspmagazine.com/rsac Marco's Website: Marcociappelli.com Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this episode, Marco Ciappelli sits down with Hoala Greevy, founder of Paubox, to discuss a mission-driven initiative aimed at changing the face of the technology industry. What started as a celebratory giveaway of spam musubi for Paubox customers has evolved into the Paubox Kahikina Scholarship, a recurring $1,000 annual grant for Native Hawaiian students pursuing careers in STEM and technology. Key Highlights: • The Mission: To encourage Native Hawaiians—who are significantly underrepresented in tech and medical fields—to pursue and stay in STEM careers. • The Impact: Since 2019, the scholarship has grown from a single recipient to 62, providing both financial aid and direct access to a professional network. • Beyond the Money: Recipients share their college journeys through annual blog posts or vlogs, creating a community of future leaders. • New Milestones: Hoala discusses the scholarship's recent 501(c)(3) nonprofit status, opening the doors for corporate partnerships and expanded funding. How to Support or Apply: If you are a Native Hawaiian student pursuing STEM, or if you are interested in donating to the fund, visit the link below: • Website: https://www.paubox.com/kahikina-stem-scholarship • Application Deadline: May 31st. Marco's Website: https://www.marcociappelli.com ITSPmagazine: https://www.ITSPmagazine.com Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.