Office Hours with David Girvin
Weekly office hours with David Girvin. Check out recent feature releases and updates, watch a quick live demo, and ask any questions with live Q&A.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Agentic workflow automation: governing AI agents inside workflows
AI agents don't behave like the playbooks security and IT teams have spent years building. They form intent, select tools at runtime, and chain actions across systems in sequences nobody pre-authored. This means dropping an LLM into an existing automation sequence and expecting it to act like a smarter playbook is the fastest route to ungoverned, unpredictable outcomes.
Turn Jira Service Management into a Governed Access Control Platform
As a fintech organization, you depend on multiple systems like AWS, Databricks, Snowflake, Power BI, Stripe Treasury, Identity Providers (IdP), developer tools, internal operational platforms, and many more. Managing access and access level across platforms is often disconnected and spread across emails, Slack approvals, tickets, and sometimes spreadsheets. Obviously, this is inefficient. There'll be delays in onboarding. But that's the least of your worries.
The Hard Truth About Ransomware Recovery
Restoring data is only half the battle. You must validate every privileged account and device relationship before going back to production.
Cyber Sessions with Sohail Iqbal, CISO at Veracode | CSO Cybersecurity Conference & Awards
As AI accelerates software development at machine speed, security teams are struggling to keep up with remediation. In this insightful interview, Veracode CISO Sohail Iqbal breaks down the security realities of AI-assisted coding and shares how organizations can close the growing gap between code velocity and secure deployment.
How we're actually using AI in the SOC with Eric Capuano
Join us for the final episode of Defender Fridays as Eric Capuano, creator of Defender Fridays and co-founder of Digital Defense Institute, closes out the series with a candid conversation on how he's actually building and running agentic workflows in the SOC today. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
After Executive Order 14409: Next Steps for Securing AI
Adversaries are using AI to attack with unprecedented speed and precision. This trend, coupled with the rapidly growing use of agentic AI, means it is now necessary to use AI to protect and defend the modern tech stack. It is timely that on June 2, 2026, President Trump signed Executive Order 14409 on Promoting Advanced Artificial Intelligence Innovation and Security. At a high level, this EO validates that security is fundamental to reaping the benefits of AI.
Active FortiBleed Campaign Impacting Fortinet Devices Across 194 Countries
In mid-June 2026, security researchers identified an active, large-scale credential compromise campaign affecting Fortinet FortiGate firewalls, dubbed FortiBleed. Threat actors have been systematically extracting configuration files from internet-facing FortiGate devices and cracking the stored credential hashes, resulting in verified working administrator credentials for between 30,000 and 75,000 devices across 194 countries.
The AI jailbreak problem isn't going away, and compliance frameworks need to catch up
A few weeks ago, the U.S. government issued a directive requiring Anthropic to suspend access to two of its frontier AI models, Fable 5 and Mythos 5, citing concerns about a reported jailbreak technique. Anthropic complied, even while publicly disputing whether the finding warranted such a dramatic response. I'm not here to relitigate that specific decision. But the incident forced a question our industry has been dancing around for too long.
Visibility Isn't Security: Why Agentic AI Requires Business Logic Enforcement
Organizations are investing heavily in securing their AI initiatives. New governance frameworks are being established, AI usage policies are being drafted, and security teams are deploying tools that provide visibility into AI agents, models, APIs, MCP servers, and connected applications. Across the industry, visibility has become the first priority in securing agentic AI. This focus is understandable. Most organizations are still trying to answer foundational questions.