Hungry? We talk Smoked Meat, Poutine, and Bagel – also, Identiverse Interviews! – François Proulx, John Pritchard, Cassie Christensen, Jaime Lewis-Gross, Kim Brown – ESW #467
Interview with François Proulx from Boost Security
Software Supply Chain Security: Build Pipeline (CI/CD) ExploitationBoost Security is the creator of some very popular build pipeline security tools, like Bagel and Poutine. Today, we discuss their latest tool, Smoked Meat. They describe it as "Like Metasploit, but for CI/CD pipelines".Segment Resources:- Smoked Meat announcement
- Smoked Meat github
- Smoked Meat demo with Guillaume and François
Dr. John Prichard from Radiant Logic
The Three Identity Problem: Surviving Identity Security's Chaotic EraIdentity security has entered its chaotic era. Human, non-human, and agentic AI identities no longer just coexist. They form an uncontrolled inheritance chain in which a human creates an agent, the agent spins up service principals, OAuth grants, and role assignments, and that whole chain keeps running long after the human changes roles or leaves. Most of these chains are being spawned by business users on low-code and enterprise AI platforms, outside traditional identity controls and largely invisible to security.In this segment, Radiant Logic CEO Dr. John Pritchard joins us to unpack why this is no longer a visibility problem. It is an observability problem. And it is shifting the center of gravity in identity security from authentication to authorization. Listeners will leave with a clearer view of where their current IAM, IGA, and NHI programs fall short, and a practical lens for governing the rapidly expanding population of AI agents already inside their environments.To go deeper on what John discussed today, watch Radiant Logic's on-demand webinar Identities Under Attack: How Adversaries Exploit the Human-Machine-Agent Divide at https://securityweekly.com/radiantlogicidv.Cassie Christensen from Saviynt
Everyone Wants an AI Assistant. Few Are Ready to Govern OneExplore a growing reality many professionals can relate to: the appeal of using AI agents to handle the work that keeps piling up - from inbox management to research and logistics - and the governance challenges that quickly follow. The real barrier to scaling personal or enterprise AI agents isn’t the technology itself, but defining clear roles, access boundaries, oversight, and lifecycle management. As organizations deploy more autonomous AI agents, the same identity frameworks used to govern workforce and non-employee identities must now evolve to manage AI-driven access before scale and risk outpace control.This segment is sponsored by Saviynt. Learn more or get a free demo at https://securityweekly.com/saviyntidvJaime Lewis-Gross from Saviynt
From Sales Engineer to Forward Deployed Engineer: The Rise of Hybrid Technical RolesAs technology organizations evolve, technical roles are becoming increasingly fluid - particularly at the intersection of product, engineering, and customer success. This conversation explores what it means to be a modern sales engineer and how the role is increasingly expanding into responsibilities often associated with forward deployed engineers: translating complex technical capabilities into real-world outcomes, solving customer challenges in real time, and serving as a critical bridge between product teams and end users. At the center of this evolution is a customer-first mindset - one that prioritizes listening, adaptability, and long-term partnership. As organizations race to innovate, the companies that stand out will be those that remain deeply focused on customer needs while empowering technical teams to operate beyond traditional role boundaries.This segment is sponsored by Saviynt. Learn more or get a free demo at https://securityweekly.com/saviyntidvKim Brown from LexisNexis
Stop Identity Fraud: Modern Strategies for Insurance and HealthcareIdentity fraud is growing more sophisticated across both insurance and healthcare, making identity management a critical line of defense. In this executive interview, Kim Brown, VP of Product Management, will explore how organizations can strengthen identity verification, authentication, and risk assessment to reduce fraud while improving user experiences. The discussion will highlight emerging threats, evolving regulatory expectations, and practical strategies for deploying identity solutions at scale. Attendees will gain actionable insights to protect customers, patients, and their organizations without adding friction.This segment is sponsored by LexisNexis Risk Solutions. Visit https://securityweekly.com/lexisnexisidv to learn more about them!François is the VP of Security Research at Boost Security and co-creator of the poutine Open Source CI/CD scanner. He co-founded the Living Off The Pipeline (LOTP) project to describe the abuse of build tools for lateral movement. After spending years teaching defenders how to secure their workflows, he is now demonstrating how attackers are dismantling them.
Dr. John Pritchard is Chief Executive Officer of Radiant Logic, the identity security platform trusted by 30% of the Fortune 500 and 60% of U.S. Cabinet-level agencies. He stepped into the CEO role in January 2025 after joining Radiant Logic in 2022 as Chief Product Officer, where he led the company’s evolution from a virtual directory provider into an AI-driven Identity Security Posture Management platform that unifies, observes, and acts on human, non-human, and agentic AI identities.
John is the architect of the Three Identity Problem framework, the uncontrolled inheritance chain that forms across human, non-human, and agentic AI identities in the modern enterprise. His work reframes identity security as an observability problem and is shifting the center of gravity from authentication to authorization, governance, and lifecycle across the full identity chain.
Prior to Radiant Logic, John held senior product and engineering roles at Okta, Adobe, and IBM. Under his leadership, Radiant Logic was recognized in three Gartner categories in 2025, including Identity Visibility and Intelligence Platforms and AI for Access Administration, and earned Gold in the 2026 Globee Cybersecurity Awards (IAM) and Silver in the 2026 Cybersecurity Excellence Awards (ISPM). He holds a Ph.D. in Innovation Management from the University of Denver and is a frequent Forbes contributor on identity security and zero trust architecture.
Cassie Christensen is a seasoned identity security practitioner who specializes in revitalizing broken programs by prioritizing people and processes over technology. Known for turning complex strategy into executable action, she excels at building stakeholder trust and navigating organizational ambiguity to align business needs with security goals. Beyond solving technical challenges, Cassie is dedicated to empowering other practitioners, using her hands-on experience to help teams overcome operational hurdles and drive meaningful, community-wide change in the identity space.
Jaime Lewis-Gross is the Senior Vice President of Solutions Engineering at Saviynt, where she leads technical strategy and the Solutions Engineering organization supporting enterprise identity security initiatives. She partners with customers and executive leadership to help organizations modernize identity governance while advancing AI-driven approaches to identity governance, risk & security.
Kim Brown is VP of Product Management and has been with LexisNexis Risk Solutions since 2015. She currently leads teams responsible for the identity solutions focused on identity verification, authentication and risk assessment, the prefill solutions focused on improving consumer experience and the product performance group focused on setting best practices and standards for our insurance and healthcare product management organization.
Previously, Kim held analyst roles at a top P&C carrier focused on customer acquisition and the online customer experience. Kim earned her bachelor’s degree in math and statistics from Morgan State University, has a master’s in financial mathematics from Purdue University and earned her master’s in business administration from Emory University’s Goizueta Business School.
- Security leaders, your vulnerability program is overloaded. Thousands of findings, limited resources, and no clear way to prioritize what actually matters to the business.Meanwhile, regulators and boards expect measurable risk reduction, not just scan results.Join the Vulnerability Management Virtual Cybersecurity Summit on July 29th to learn how leading organizations are shifting from volume to risk-based prioritization and turning exposure into actionable strategy.Security Weekly listeners can register for free at https://securityweekly.com/vulnmanagement using the promo code: CSS26-SW
- CyberRisk TV is proud to be an official media partner of Black Hat USA 2026! We'll be broadcasting live from the Black Hat LIVEWIRE Studio with executive interviews focused on the technologies and strategies helping enterprise security teams defend modern organizations.Our Event Momentum Packages extend your reach to analysts, practitioners, and security leaders well beyond the conference. Fewer than 10 interview opportunities remain, so visit https://securityweekly.com/exec today and reserve your spot before they're gone.
















