Most organizations think AI risk lives in the model – or the identity. It doesn't. It lives in the data. In this episode, BigID's CEO reframes the conversation: why legacy access controls are breaking down, why visibility into sensitive data is the missing foundation, and what it takes to govern humans and machines under a single, accountable framework.
We're seeing more and more 3rd and 4th party attacks that chain through multiple layers of compromised tools and services. In this topic segment, we discuss the two main aspects of this trend:
How we can stop the chain of breaches from a third party library, vendor, or service provider
How this might get handled at the legal, contractual, and organizational levels
We discuss two big recent examples:
Sonicwall's 2025 breach of their cloud firewall configuration backup service
The compromise of Aqua Security's widely used Trivy open source tool
The Weekly Enterprise News
Finally, in the enterprise security news,
Funding and M&A courtesy of the Security, Funded newsletter
We have evidence that attackers are leveraging AI now (this sounds like old news, but there was little to no evidence before, when people were claiming this)
The Angry admin problem emerges again
Vulnerability information is getting crazy to keep up with
Breach information is getting crazy to keep up with
You can give your Agents an allowance now - don't spend it all in one place
Are vulnerabilities sparse or dense?
Mythos, as a model, isn't all that special
Deploy your own deception sensors!
Japan made something weird. Again.
All that and more, on this episode of Enterprise Security Weekly.
Podden och tillhörande omslagsbild på den här sidan tillhör
Adrian Sanabria. Innehållet i podden är skapat av Adrian Sanabria och inte av,
eller tillsammans med, Poddtoppen.
