AI Security Podcast cover art

AI Security Podcast

AI Security Podcast

Written by: TechRiot.io
Listen for free

The #1 source for AI Security insights for CISOs and cybersecurity leaders. Hosted by two former CISOs, the AI Security Podcast provides expert, no-fluff discussions on the security of AI systems and the use of AI in Cybersecurity. Whether you're a CISO, security architect, engineer, or cyber leader, you'll find practical strategies, emerging risk analysis, and real-world implementations without the marketing noise. These conversations are helping cybersecurity leaders make informed decisions and lead with confidence in the age of AI.TechRiot.io
Episodes
  • Why AI Agents Are Forcing a Redesign of Application Security?
    Jun 26 2026

    When the CEO of Anthropic declares that human coding will disappear within six months, followed quickly by the death of software engineering itself, what does that mean for the future of cybersecurity?

    In this episode, Ashish and Caleb break down the massive paradigm shift caused by AI coding assistants like Claude Code. Caleb shares his firsthand experience building and deploying software where he has never looked at a single line of the underlying code, arguing that while the need for security will never go away, the humans performing those roles very well might .

    We explore the illusion of AI prototyping why building a quick AI tool is easy, but maintaining it in production is a nightmare and dive deep into the "Build vs. Buy" debate . Caleb predicts an upcoming "forest fire" that will wipe out bloated security startups, forcing the market to consolidate around vendors with true, defensible moats based on network effects, hardware integration, or complex regulatory expertise


    Questions asked:

    (00:00) Introduction(02:50) The Anthropic CEO's Claim: Is Software Engineering Dead? (04:00) Separating Coding from Software Engineering (06:50) Managing Software Without Ever Looking at the Code (08:30) Will AI Eliminate the AppSec Team? (10:30) The Challenge of Legacy Code (COBOL on Mainframes) (15:10) Shifting Focus: From Code Analysis to Agentic Execution (18:00) The Coming "Forest Fire" in the Security Startup Landscape (21:00) The "Build vs. Buy" Illusion: Prototyping vs. Production (36:30) How to Build a Defensible Moat in AI Security (41:00) Why Hardware and Red Tape Are the Ultimate Moats (46:30) The AI Scaffolding Approach for Enterprises (47:50) Automating SIEM Detections


    Resources spoken about during the episode:

    World Economic Form - Davos 2026

    Show More Show Less
    52 mins
  • Why Asset Intelligence is Replacing the CMDB & Static Dashboards
    Jun 11 2026

    Why do CISOs still struggle with asset intelligence in 2026? Despite decades of security tooling, most organizations still have a massive 40% "dark matter" blind spot in their environment and the explosion of ephemeral AI agents is only making it worse.

    In this episode, Ashish and Caleb sit down with Joe Diamond, CEO, Axonius to discuss the evolution of the asset space. We explore why traditional CMDBs (which track business processes and IT hardware) fall short for cyber asset attack surface management (CAASM), and why the industry is shifting from static asset inventory to dynamic asset intelligence. Joe spoke about how AI agents whether they run for five minutes or five months must be treated as a distinct asset class, complete with their own access logs and token utilization tracking.

    The conversation also goes into the future of enterprise software interfaces. Joe predicts that within three to five years, the traditional dashboard UI will completely disappear, replaced entirely by natural language prompts and AI-driven BI. Finally, we tackle the "Build vs. Buy" dilemma: if AI can integrate tools in five minutes, why do we still need vendors?


    Questions asked:

    (00:00) Introduction(01:50) Joe Diamond's Background and Journey into Cybersecurity(02:50) Why Asset Management is Still an Unsolved Problem(04:00) The 40% "Dark Matter" Blind Spot in Enterprise Environments(05:30) How Do We Actually Define an Asset?(08:30) CMDB vs. Asset Intelligence: Understanding the Delta(12:30) Defining AI Models and AI Agents as an Asset Class(15:30) Do Ephemeral AI Agents Need to be Tracked?(18:30) The "Time Machine" Feature: Tracking Asset Configuration Drift(20:30) Use Case: Remediating the CrowdStrike Outage Using Asset Intelligence(23:30) Why You Need Asset Intelligence if You Already Have CSPM/CNAPP(31:30) The End of the UI: Why Dashboards Will Be Replaced by AI Prompts(36:30) A Simple 3-Question Framework for AI Asset Management(38:30) Build vs. Buy: Why AI Cannot Operate and Maintain Software

    Show More Show Less
    43 mins
  • The AI AuthZ Problem: Why Human Least Privilege Fails for Autonomous Agents
    Jun 4 2026

    Why are security leaders terrified of connecting AI agents to production data? Because unlike humans, AI agents don't apply judgment, and they operate at machine speed, meaning they can relentlessly hunt down production credentials and do catastrophic damage before a human analyst even blinks.

    In this episode, Ashish and Caleb sit down with Graham Neray, CEO of Oso, to tackle the massive, unsolved problem of AuthZ (Authorization) for autonomous AI. We explore why the industry's reliance on static, over-permissioned human identities is a recipe for disaster when applied to tools like Claude Code and Notion Agents. Graham explains the dangerous pitfalls of allowing agents to adopt the permissions of their human operators (privilege escalation), versus the complexity of assigning agents their own unique service accounts.

    The conversation dives deep into the fragmented agent security market. Should you deploy a browser extension, an endpoint sensor, or an edge proxy?. Learn why blocking destructive actions is a flawed approach (because agents need to destroy things to work), and why the future of AI AuthZ requires dynamic, data-level policies and continuous "human in the loop" validation.


    Questions asked:

    (00:00) Introduction(02:50) Graham Neray’s Background and the Mission of Oso(04:20) Why No One is Actually Building Their Own Agents(05:50) The Core Anxiety: Connecting AI to Production Data(07:20) Why Humans Have Judgment and Agents Don't(11:00) The Unsolved Crisis of Human Least Privilege(16:50) Agent Identities: Adopting User Permissions vs. Unique Service Accounts(18:20) Case Study: Privilege Escalation in Agent Alpha Testing(20:00) Background Agents and Unique Identities (Notion, Cursor, Perplexity)(22:30) Why You Need a Governance Plane Outside the AI Product(25:50) The False Promise of Blanket "No Destructive Actions" Policies(33:30) How to Deploy Agent Security: Browsers, Endpoints, and Proxies(38:30) Why No One Actually Uses the "Block" Feature in Security(41:50) The Context Problem: When is an RM-RF Command Good vs. Bad?(43:30) The Future of AuthZ: Resource and Data-Level Agent Permissions


    Thank you to Oso for sponsoring this episode of AI Security Podcast.

    Show More Show Less
    48 mins
adbl_web_anon_alc_button_suppression_t1
No reviews yet