AI Governance, new book (Code War) from Allie Mellen, and the weekly news! – Jeremy Snyder, Allie Mellen – ESW #450
Interview with Jeremy Snyder from FireTail about AI Governance
Death by a thousand cuts: the AI shadow IT problem
I think the best description of the AI governance problem during this interview was the title of the award-winning movie, Everything Everywhere All at Once. Generative AI has been disrupting businesses, products, and vendor risk management for a few years now. FireTail is one of the companies trying to address this problem for enterprises, so we check in with Jeremy Snyder to see how things are going.
Interview with Allie Mellen about her new book, Code War: How Nations Hack, Spy, and Shape the Digital Battlefield
We're VERY excited to check out Allie's new book, which will be released on St. Patrick's Day 2026! The timing could not be better, as her book is perfectly positioned to provide some much-needed perspective on the cyber aspects of the ongoing war in Iran.
Is it normal to see the use of wipers on healthcare companies in the midst of the conflict? Is there any precedent for hyperscaler datacenters getting targeted (some of AWS's EMEA regions are still recovering)? Check out the conversation to find out!
Pick up the book!
- from Wiley
- from Barnes & Noble
- from Amazon
- Allie's personal website
The Weekly Enterprise News
Finally, in the enterprise security news,
- Vibes and funding!
- Starting to see some disruption in the vuln mgmt space (finally!)
- Tons of new free tools
- lots of essays
- lots of reports
- lots of breaches
- the talks our hosts are giving at RSAC conference
- and someone is selling an actual cone of silence???
All that and more, on this episode of Enterprise Security Weekly.
Jeremy is the founder and CEO of FireTail, an end-to-end AI security platform that provides the visibility, insight, and control necessary to enable secure AI adoption. Prior to FireTail, Jeremy was in M&A at Rapid7, a global cyber leader. Jeremy previously led sales at DivvyCloud, one of the earliest cloud security posture management companies, and also led AWS sales in southeast Asia. Jeremy started his career with 13 years in cyber and IT operations. Jeremy has an MBA from Mason, a BA in computational linguistics from UNC, and has completed additional studies in Finland at Aalto University. Jeremy speaks 5 languages and has lived in 5 countries. At FireTail, Jeremy is focused on helping organizations everywhere to harness the full potential of AI, safely and with confidence.
Allie Mellen is the author of Code War: How Nations Hack, Spy, and Shape the Digital Battlefield. She is a leading industry analyst who advises the Global 2000 on cybersecurity policy and practice, with a focus on detecting and responding to nation-state attacks. She is a featured speaker at many leading security conferences, including RSA Conference, Black Hat, SANS events, and others. Her insights are frequently featured in top business and technology outlets such as NPR, The Wall Street Journal, and The Washington Post.
Security Weekly listeners save $100 on their RSAC 2026 All Access Pass! RSAC 2026 Conference will take place March 23rd to March 26th in San Francisco. To register using our discount code, please visit securityweekly.com/rsac26 and use the code 56U5SECWEEKLY! We hope to see you there!
Adrian Sanabria
- FUNDING/M&A, courtesy of the Security, Funded newsletter, #234 – The Signal is Loading
VIBE CHECK
Given all of the AppSec excitement last week, where is the next likely place that frontier AI labs will attack the security stack?
- 40% - Threat intelligence
- 27% - Compliance / GRC
- 20% - Cloud security
- 13% - Identity management/governance
- 0% - Risk dashboards/exec reporting
- 0% - Other
FUNDING
- AI DLP company, Jazz, raises 61M
- Cylake, a United States-based AI-driven security operations platform for companies that require offline or data sovereignty options, raised a $45.0M Seed from Greylock.
- JetStream Security, a United States-based AI governance and security platform, raised a $34.0M Seed from Redpoint.
- Fig Security, an Israel-based data engineering management platform for security log data, raised a $30.0M Series A from Team8 and Ten Eleven Ventures.
- Reclaim Security, a United States-based threat and risk prioritization platform, raised a $20.0M Series A from Acrew Capital and a $6.0M Seed.
- Circadence, a United States-based cyber range platform for hands-on simulations for security professionals to defend against attack scenarios, raised a $16.4M Private Equity Round from Seneca Partners.
- ArmorCode, a United States-based application security posture management (ASPM) platform, raised a $16.0M Venture Round from Cheyenne Ventures.
- IntelliGRC, a United States-based security and compliance automation platform focused on the CMMC compliance framework, raised a $3.5M Seed from Kyle Hanslovan, Blu Ventures Investors.
- NEW COMPANIES: Root Evidence Launches Evidence Scan Enterprise Preview
- NEW FEATURES: Introducing the Crowdstrike API Key Canarytoken
- FREE TOOLS: The Signal — Cybersecurity Market Intelligence
A new free tool from Mike Privette
- FREE TOOLS: GitHub – xaitax/TotalRecall
"This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots."
- NEW TOOLS: googleworkspace/cli: Google Workspace CLI
One command-line tool for Drive, Gmail, Calendar, Sheets, Docs, Chat, Admin, and more. Dynamically built from Google Discovery Service. Includes AI agent skills.
- VULN MGMT: Zero Day Clock
- FREE TOOLS: GitHub – ruvnet/wifi-densepose
WiFi DensePose turns commodity WiFi signals into real-time human pose estimation, vital sign monitoring, and presence detection — all without a single pixel of video.
- ESSAYS: Caleb Sima on LI: “We just deployed more attack surface in 12 months than we built in the previous decade”
- ESSAYS: What security categories will stay relevant
With AI lowering the bar for more complex software development and developer team size, Frank Wang discusses what, if any, market impact we should expect to see.
- ESSAYS: from Ryan McGeehan – LinkedIn discussion on quantifying cyber risk.
- ESSAYS: AI can’t replace jobs
- ESSAYS: Reevaluating vulnerability management
- REPORTS: CrowdStrike says attackers are moving through networks in under 30 minutes
TL;DR - we have even less time to respond to incidents
- REPORTS: Google warns hackers are targeting third parties and software flaws
Direct link to report: https://services.google.com/fh/files/misc/cloudthreathorizonsreporth12026.pdf
- BREACH ANALYSIS: Apache ActiveMQ Exploit Leads to LockBit Ransomware – The DFIR Report
- BREACHES: Stryker cyberattack: Alleged Iran-linked group Handala causes outage
Wipers are super nasty - hard to tell how bad this is at this point. Might take a while for full details to come out. Here's a list of stuff from both news stories and Kevin Beaumont. No idea how accurate these details are, so take with a grain of salt.
- Wiped systems, pushed OS updates to personal phones connected to MDM
- Used the MDM (Intune) to send wipe signals, reportedly no malware used
- Datacenters inaccessible
- they (Handala) used admin accounts to do the damage and left defacements on login pages
- sent emails to execs, taking ownership for the hack
- theory that Stryker was a target because it was a US/Israeli defense contractor & seen as a possible path to defense stuff/soldiers, could be looking for data with military value also
- claimed responsibility to Kevin Beaumont, saying they hit 250M endpoints & that this was retaliation for the girls' school that got wiped out
- this group's MO is to leverage administrative tools and lay low inside victim networks for long periods of time
- LEGISLATION: The long-awaited Trump cyber strategy has arrived
As promised, it's short, and nearly identical to what we discussed in a topic segment a few episodes ago, save some wording changes.
- WATCH: The Internet Was Weeks Away From Disaster and No One Knew
An EXCELLENT documentary on the XZ Utils incident by prominent YouTube channel Veritasium.
- DUMPSTER FIRES: From Attrition on LI: Over 30k CVEs waiting on NVD enrichment now
"As we await word of CVE being funded or if anything will change there, I can't help but notice the NVD backlog broke 30,000. Almost two years ago we were assured by them that the backlog would be… "
- SQUIRREL: Spectre I – Audio Privacy Device
I have doubts, but I'm not willing to pay $1200 to say "I told you so"
Ayman Elsawah
- Security Cafe: AI + Security (Part I)
Ayman Elsawah gives a rant on AI + Security and who (or what) is actually responsible for the code when things go awry
- Ayman’s BSidesSF Talk










