Aligning teams for effective remediation, Anthropic’s latest report, and the news – Ravid Circus – ESW #434
Interview with Ravid Circus
Ravid will discuss why security and engineering misalignment is the biggest barrier to fast, effective remediation, using data from Seemplicity’s 2025 Remediation Operations Report. This is costing some teams days of unnecessary exposure, which can lead to major security implications for organizations.
Segment Resources:
https://seemplicity.io/papers/the-2025-remediation-operations-report/
https://seemplicity.io/blog/2025-remediation-operations-report-organizations-still-struggle/
Topic Segment: Thoughts on Anthropic's latest security report
Ex-SC Media journalist Derek Johnson did a great job writing this one up over at Cyberscoop: China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work
There are a number of interesting questions that have been raised here. Some want more technical details and question the report's conclusions. How automated was it, really?
I found it odd that Anthropic's CEO was on 60 minutes the same week, talking about how dangerous AI is (which is his company's primary and only product).
I think one of the more interesting things to discuss is how Anthropic has based its identity and brand on AI safety. While so many other SaaS companies appear to be doing the bare minimum to stop attacks against their customers, Anthropic is putting significant resources into testing for future threats and discovering active attacks.
News Segment
Finally, in the enterprise security news,
- vendor layoffs have started again
- the sins of security vendor research
- the pillars of the Internet are burning
- selling out to North Korea isn’t worth what they’re paying you
- ransom payments, in 24 easy installments?
- a breach handled the right way
- we probably shouldn’t be putting LLMs into kids toys
- ordering coffee from the terminal
All that and more, on this episode of Enterprise Security Weekly.
Ravid is a cybersecurity expert with a successful track record of over 20 years. As the former VP of Customer Success and VP of Products at Skybox Security, Ravid brings a unique combination of deep technical excellence with practical, hands-on experience.
Adrian Sanabria
- FUNDING/M&A – via the Security, Funded newsletter, issue #220 – When AI Investment Turns People Divestment
VIBE CHECK
Q: What’s something you wish AI agents could do for your security program?
A1: Perform third-party risk analysis
A2: Handle all IAM and onboard/offboarding requests
Nothing else even close.
LAYOFFS?!
Uh-oh - suddenly the Security, Funded newsletter has a layoff section for the first time in a long time. This can’t be good.
- Axonius AXes (sorry) 10% of its workforce, or about 100 people, citing an acquisition and restructuring. The acquisition was Cynerio, a medical device security startup.
- Bitdefender laid off 125 employees, 7% of its workforce. “Restructuring.”
- Deepwatch laid off 70 employees, 25% of its workforce, supposedly “due to restructuring and investing more in AI…” <- I suspect we’ll see more statements like this to avoid worrying investors and prospective customers
FUNDING
- Sweet Security, an Israel-based cloud runtime attack surface management (ASM) platform, raised a $75.0M Series B from Evolution Equity Partners. <- a bit late to this market, no? Okay, I looked it up. It isn’t ASM at all, it’s CNAPP + AI firewall. Focusing on securing hyperscaler use, AND SaaS, so maybe some SSPM as well?
- Israel is dominating funding lately - $150M across two rounds in the last two weeks.
ACQUISITIONS
- Pentera picked up an Israel-based professional services firm, Eva Information Security.
- ESSAYS: The Sins of Security Vendor Research
This is a great one. Nice to see someone lay out some of the pitfalls of trying to do security research while working for a security vendor. There is some potential for bias, you might say.
- DUMPSTER FIRES: The AWS/Azure/Cloudflare/GitHub Outages
It wouldn't be a week in 2025 without a dumpster fire in the news. Maybe it is still the same dumpster fire?
I don't know, but another pillar or two of the Internet broke this week.
I have an image to go with this one.
- LEGAL: Five Plead Guilty in North Korean IT Worker Fraud Scheme
Was it worth it? Probably not.
- BREACHES: Did you hear the one about the ransom victim who made a ransom installment payment after they were told that it wouldn’t be accepted? – DataBreaches.Net
This is a strange one. The ransomware crew DID encourage negotiation...
- BREACHES: Ransomed CTO falls on sword, refuses to pay extortion demand
A breach handled right.
- unfortunately, a very avoidable situation - “the payment services firm determined that the crooks had broken into a ‘legacy third-party cloud file storage system’ that wasn't properly decommissioned and was used in 2020 and prior years.” <- so, another FTP server with a compromised set of credentials, like Collins Aerospace? We’ve got to seriously get rid of this IT asbestos.
- ShinyHunters demanded payment in exchange for keeping the data private, but Checkout.com refused.
- Instead, “the company will donate the ransom amount to Carnegie Mellon University and the University of Oxford Cyber Security Center to support cybercrime research”
- VULNERABILITIES: Critical Imunify360 AV Vulnerability Exposes 56 Million+ Linux-hosted Websites to RCE Attacks
An uncommon one!
- DIGITAL ESTATE: if you use Proton apps, watch this NOW
- ENSHITTIFICATION: AI-Powered Toys Caught Telling 5-Year-Olds How to Find Knives and Start Fires With Matches
Please stop putting AI in everything, okay? Thanks.
- SQUIRREL: No such thing as bad press: makers of lift used in Louvre theft launch ad campaign
- SQUIRREL: wip: terminal (initial commit)
THE WAIT IS OVER.
Order coffee from your preferred terminal app, as the founders of Compuserve and the Internet intended.
