We catch up on the news, including AI vuln hunting; also more RSAC interviews! - Mark Lambert, Samuel Hassine, John Wilson, Georges Bossert - ESW #454

Author: Security Weekly Productions April 13, 2026 Duration: 1:37:15

Segment 1: We cover the weekly enterprise news!

Segment 2: RSAC interviews from ArmorCode and Filigran

ArmorCode: AI Exposure Management and Governing Shadow AI

AI is moving faster than most governance models can keep up. As organizations race to adopt new AI tools, developer workflows, agents and MCP servers, security leaders must enable innovation without losing control over risk, accountability and oversight. In this segment, ArmorCode will discuss its new AI Exposure Management (AIEM) solution, as part of the ArmorCode Agentic AI Platform. ArmorCode will highlight how AIEM gives enterprises clearer visibility into where AI is being used, who owns it and the potential risks it introduces across heterogeneous environments. By turning AI usage and signals from existing security and IT systems into governed, auditable outcomes, AIEM helps organizations reduce shadow AI risk, assign accountability and accelerate AI adoption with stronger control and board-ready governance. ArmorCode will also share findings from its new 2026 State of AI Risk Management report, developed in partnership with The Purple Book Community and based on responses from more than 650 enterprise security leaders. The discussion will connect ArmorCode's latest product innovation to the broader industry need for scalable, enterprise-ready AI risk governance.

ArmorCode AI Exposure Management is available now as a solution deployed on the ArmorCode Agentic AI Platform. To learn more, visit https://securityweekly.com/armorcodersac.

Beyond IOCs: A Framework for High-Impact Cyber Threat Intelligence

At a time when the ability to turn intelligence into decisive action is a true competitive advantage, organizations must move beyond reactive alert triage to a proactive, threat-informed defense. This segment explores how unifying threat intelligence with adversarial attack simulation enables a Continuous Threat Exposure Management (CTEM) framework that replaces hype with measurable outcomes. We will discuss why these are no longer just technical security conversations, but critical business strategies that provide the board and C-suite with the clarity and confidence to reduce risk and focus resources where they matter most.

This segment is sponsored by Filigran. Visit https://securityweekly.com/filigranrsac to learn more about them!

Segment 3: RSAC interviews with Sekoia and Fortra

Agentic AI: Don't Make Your SOC Faster at Being Wrong

Adding AI agents to an unprepared SOC doesn't make it smarter; it just makes it "faster at being wrong." Georges Bossert challenges the industry hype to explain why true autonomy relies on reliable context and structured runbooks, not just prompts. He will discuss how to build the necessary foundations to automate rapidly without losing control.

This segment is sponsored by Sekoia.io. Visit https://securityweekly.com/sekoiarsac to discover their AI SOC Platform!

Scripted Sparrow: A Prolific BEC Group

In December, Fortra Intelligence and Research Experts (FIRE) released a major report exposing Scripted Sparrow, one of the most active Business Email Compromise (BEC) collectives operating today. The group sends an estimated 6 million highly targeted scam emails each month, impersonating executive coaching firms and leveraging spoofed reply chains, missing attachment lures, and evolving multilingual campaigns. FIRE's investigation links the collective to 119 domains, 245 webmail accounts, and 256 bank accounts, with members operating across three continents and continually refining their fraud techniques at scale.

This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrarsac to learn more about them!

Show Notes: https://securityweekly.com/esw-454


Hosted by Adrian Sanabria, Enterprise Security Weekly (Video) is a deep dive into the complex world of protecting large organizations. This isn't just a headline recap; it's a practical, analyst-level discussion for security professionals who need to understand the "why" behind the news. Each episode from Security Weekly Productions brings together a seasoned panel including co-hosts like Katie Teitler-Santullo, Ayman Elsawah, Jason Wood, Jackie McGuire, and Sean Metcalf to dissect emerging threats, architectural shifts, and the tools that promise to help. You'll hear candid evaluations as they put security vendors and their claims under the microscope, separating hype from genuine utility. The conversation revolves around actionable intelligence and strategic trends that empower defenders to build more resilient environments. Tuning into this podcast provides a consistent, informed perspective that cuts through the noise of the daily alert cycle, offering clarity and context that's often hard to find. It’s a video format that adds a layer of connection and detail to these technical discussions, making complex topics more accessible. If your work involves making critical decisions about enterprise security posture, this series serves as a vital resource for staying informed and ahead of the curve.
Language: English Episodes: 100

Enterprise Security Weekly (Video)
Podcast Episodes
AI Red Teaming Comes to Bug Bounties - Michiel Prins - ESW #391

Duration: 33:31
HackerOne's co-founder, Michiel Prins, walks us through the latest new offensive security service: AI red teaming. At the same time enterprises are globally trying to figure out how to QA and red team generative AI models…
Enterprise News - ESW #390

Duration: 57:37
This week in the enterprise news - Cymulate acquires CYNC Secure, Tidal Cyber acquires Zero-Shot, Amazon ransomware attack, and more! Show Notes: https://securityweekly.com/esw-390
