We catch up on the news, including AI vuln hunting; also more RSAC interviews! – Mark Lambert, Samuel Hassine, John Wilson, Georges Bossert – ESW #454
Segment 1: We cover the weekly enterprise news!
Segment 2: RSAC interviews from ArmorCode and Filigran
ArmorCode: AI Exposure Management and Governing Shadow AI
AI is moving faster than most governance models can keep up. As organizations race to adopt new AI tools, developer workflows, agents and MCP servers, security leaders must enable innovation without losing control over risk, accountability and oversight. In this segment, ArmorCode will discuss its new AI Exposure Management (AIEM) solution, as part of the ArmorCode Agentic AI Platform. ArmorCode will highlight how AIEM gives enterprises clearer visibility into where AI is being used, who owns it and the potential risks it introduces across heterogeneous environments. By turning AI usage and signals from existing security and IT systems into governed, auditable outcomes, AIEM helps organizations reduce shadow AI risk, assign accountability and accelerate AI adoption with stronger control and board-ready governance. ArmorCode will also share findings from its new 2026 State of AI Risk Management report, developed in partnership with The Purple Book Community and based on responses from more than 650 enterprise security leaders. The discussion will connect ArmorCode’s latest product innovation to the broader industry need for scalable, enterprise-ready AI risk governance.
ArmorCode AI Exposure Management is available now as a solution deployed on the ArmorCode Agentic AI Platform. To learn more, visit https://securityweekly.com/armorcodersac.
Beyond IOCs: A Framework for High-Impact Cyber Threat Intelligence
In a time where the ability to turn intelligence into decisive action is a true competitive advantage, organizations must move beyond reactive alert triage to a proactive, threat-informed defense. This segment explores how unifying threat intelligence with adversarial attack simulation enables a Continuous Threat Exposure Management (CTEM) framework that replaces hype with measurable outcomes. We will discuss why these are no longer just technical security conversations, but critical business strategies that provide the board and C-suite with the clarity and confidence to reduce risk and focus resources where they matter most.
This segment is sponsored by Filigran. Visit https://securityweekly.com/filigranrsac to learn more about them!
Segment 3: RSAC interviews with Sekioa and Fortra
Agentic AI: Don't Make Your SOC Faster at Being Wrong
Adding AI agents to an unprepared SOC doesn't make it smarter; it just makes it "faster at being wrong." Georges Bossert challenges the industry hype to explain why true autonomy relies on reliable context and structured runbooks, not just prompts. He will discuss how to build the necessary foundations to automate rapidly without losing control.
This segment is sponsored by Sekoia.io. Visit https://securityweekly.com/sekoiarsac to discover their AI SOC Platform!
Scripted Sparrow: A Prolific BEC Group
In December, Fortra Intelligence and Research Experts (FIRE) released a major report exposing Scripted Sparrow, one of the most active Business Email Compromise (BEC) collectives operating today. The group sends an estimated 6 million highly targeted scam emails each month, impersonating executive coaching firms and leveraging spoofed reply chains, missing attachment lures, and evolving multilingual campaigns. FIRE’s investigation links the collective to 119 domains, 245 webmail accounts, and 256 bank accounts, with members operating across three continents and continually refining their fraud techniques at scale.
This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrarsac to learn more about them!
Mark Lambert is the Chief Product Officer for ArmorCode, a leader in unified exposure management. Mark has built products for more than 20 years, and helped organizations streamline the delivery of secure, reliable and compliant software applications across the enterprise, embedded and IoT markets.
Prior to ArmorCode, he held product leadership positions with Parasoft, Advanced Visual Systems (AVS) and more. Mark holds a bachelor’s and master’s degree in computer science from Manchester University, UK.
Former Head of Cyber Threat Intelligence at the French Cybersecurity Agency (ANSSI) and Director of Cybersecurity Strategy at Tanium, Samuel Hassine is the CEO and the co-founder of Filigran, a fast-growing European CyberTech developing cutting-edge solutions for cyber threat management.
John Wilson has been combating email-based fraud since 2006, when he developed an authentication-based anti-phishing solution as CTO of Brandmail Solutions. John continued his mission to rid the world of email fraud at Agari. As part of their threat intelligence team, John assisted Microsoft and the FS-ISAC with the B54 Citadel botnet takedown by providing data related to Citadel botnet infections and by acting as a declarant in the civil forfeiture action filed in US District Court.
John joined Fortra through the acquisition of Agari in June 2021. In his current role at Fortra, he continues to research email scams and conduct experiments in “active defense”. In early 2023, John again worked with Microsoft, this time on a takedown effort aimed at curbing the illegal use of Fortra’s Cobalt Strike adversary simulation solution.
John holds a B.S. in Computer Science and Engineering from MIT. He has spoken at a variety of security conferences including RSA, FS-ISAC, Aviation ISAC, NCFTA Disruption, and the Microsoft Digital Crimes Consortium.
Georges Bossert is the Co-founder and Chief Technology and Product Officer of Sekoia.io. An engineer by training and PhD graduate from CentraleSupélec, his research focused on applying machine learning and grammatical inference to cybersecurity.
With over 15 years of experience, he has worked across the full spectrum of cybersecurity — from reverse engineering to leading technology and product strategy.
A former reservist in the French Army’s cyber operations division, Georges now serves as a board member and lecturer at the University of Rennes. He is passionate about innovation, mentoring, and building resilient teams. He was named *Innovator of the Year 2024* by *Le Point* magazine and a 2025 *Cyberscoop 50* finalist.
Enterprise defenders, you’re expected to stop everything: ransomware, identity-based attacks, supply chain risk, all while managing tool sprawl, alert fatigue, and limited resources.
Meanwhile, attackers are moving faster, getting smarter, and targeting the gaps between your controls.
So where do you focus next?
Join us on April 22 for the FinSec Virtual Cybersecurity Summit. Learn how security leaders are prioritizing detection, strengthening identity defenses, and building resilience across complex enterprise environments.
Cut through the noise, get practical insights, and walk away with strategies you can actually implement.
Security Weekly listeners can register for free at https://securityweekly.com/finsec using the promo code: CSS26-SW
Adrian Sanabria
- How often do threat actors default on promises to delete data? – DataBreaches.Net
- OpenAI Valued at $852 Billion in Latest Funding Round
- Artemis astronauts have trouble with Microsoft Outlook
- Vulnerability Research Is Cooked — Quarrelsome
- Microsoft Copilot is now injecting ads into pull requests on GitHub
